25 May, 2022
Mojo Power is an Australian electricity company that focuses on making renewable energy and smart tool technology accessible across Queensland, New South Wales, Victoria, South Australia, and the Northern Territory. Mojo Power is included in the National Electricity Market portfolio of iON Holdings that also includes the acquisitions of QEnergy, People Energy, and Sanctuary Energy (iON Group). As a result, the four different businesses were brought under the one technology umbrella. To become a unified Group, systems, processes, and strategies needed to be evaluated and aligned. Mojo Power was the model business for technology infrastructure, and thus led this transformation.
The four electricity retailers had separate systems and processes with different approaches to technology. This made it difficult to quickly gather a working group to begin centralising these functions. During the discovery and planning phase, three issues emerged as key priorities:
A holistic vision and strategy would be needed to unify technology across the Group
Existing teams would require an investment in training and development to bring this vision to life
Security networks needed stronger protection to reduce AWS vulnerabilities
The Chief Technology Officer of Mojo Power (and iON Holdings), Luke Giuliani, was tasked with scaling technology across the four electricity brands. Integrating the Engineering, Operations, DevOps, Data, and Security functions required a team with deep technical expertise and the ability to problem solve in a highly regulated and complex domain. Mojo Power needed a partner to help define the strategy and identify project priorities that could work collaboratively, quickly, and effectively to roll out the transformation. Midnyte City had these capabilities and was engaged as a strategic delivery partner.
Two Midnyte City consultants, Bhushan Manekar and Chris Copeland, worked closely with Luke Giuliani to assess the situation. The team devised a two pronged approach to improve and unify the overall technology function:
General security uplift and ensuring continued regulatory compliance of data access and retention, availability and accessibility, reporting, regulator interactions, and customer integrations.
Uplift of backend infrastructure to best practice architecture, including separation into different AWS accounts with security hardened networks and modern, simple, and standard implementation processes and practices.
General security uplift
Followed the framework established by the Open Web Application Security Project (OWASP) to audit and secure the AWS environments.
Set up best practice multifactor authentication and conditional access to reduce the risk of unauthorised access.
Implemented AWS GuardDuty and Security Hub to address and safeguard against cybersecurity attacks.
Used AWS Systems Manager Parameter Store (SSM) to secure data in applications and allow for credentials to be shared securely.
Implemented SSM Patch Manager to automatically repair vulnerabilities or flaws in EC2 servers during maintenance windows.
Revamp of backend infrastructure
Overhauled the entire AWS environment for optimal performance.
Optimised cloud applications, downsized unnecessary large compute units, updated product selections, reduced cloud costs by migrating and switching off redundant legacy applications and in-house database servers.
Provided greater visibility over the software engineering infrastructure with ongoing monitoring and automated alerting.
Team capability development
One key goal throughout the engagement was knowledge transfer. By pairing and collaborating with internal team members on tasks, delivery, process improvements, planning, and reviews, Manekar and Copeland were actively sharing skills and coaching peers. This further embedded specialist skills and cultivated technical experience across the group, helping to create a cultural shift where robust and pragmatic security practice became the norm for engineers, developers, and the wider team.
“Our security measures, internal behaviours, and deployment practices have improved significantly since working with Midnyte City. Bhushan Manekar and Chris Copeland stepped in as leaders who had the technical skills and professional competence to get things done. They exemplified the curiosity, influence, and adaptability that motivated others to reach the bar they raised for technology across the organisation.”
Chief Technology Officer of Mojo Power (and iON Group)