Case Study
How a Retailer Transformed Legacy Systems with AWS
Client Profile
Advertising & MarketingRetailSaaS
Overview
Meet Our Hero
This organization provides website hosting and design services for independent florists across the U.S. and Canada. As a members-only network, it empowers local businesses to reach new customers online without relying on national wire services.
But behind the scenes, the company’s infrastructure told a different story. Its aging on-premise data center, built on a mix of physical and virtual Linux servers, created mounting risks. Downtime could disrupt thousands of customer-facing websites. Performance bottlenecks slowed user experiences during high-demand seasons. Rising maintenance costs strained resources. And compliance with industry regulations was increasingly difficult.
To continue serving its florist network and prepare for future growth, the company needed to leave its data center behind and build a secure, cloud-native foundation.
The Challenge
Challenge 01
Aging on-premise infrastructure created downtime and cost risks
Challenge 02
Performance limitations hindered customer experiences
Challenge 03
Compliance gaps emerged as PCI DSS standards grew more stringent
Challenge 04
Scaling applications and provisioning new resources was slow and complex
Challenge 05
Diverse workloads – servers, file shares, databases, and messaging made migration challenging
The Goal
- Fully shift away from an on-premise data center
- Establish a secure, PCI DSS-compliant AWS Landing Zone
- Improve scalability and resilience with multi-account governance
- Minimize downtime during migration
- Reduce operational overhead and enable long-term innovation
The Solution
Step 01 | AWS Landing Zone & Governance
- Implemented a multi-account structure with AWS Control Tower and Organizations
- Dedicated accounts for security, infrastructure, workloads, and databases
- Configured IAM Identity Center with MFA to align with PCI DSS
Step 02 | Automated Security & Compliance
- Applied Service Control Policies (SCPs) to enforce security boundaries
- Deployed AWS Config with PCI DSS conformance packs for automated compliance checks.
- Centralized logs with CloudTrail and Config for auditing
Step 03 | Resilient Network Design
- Created VPCs with public and private subnets across multiple Availability Zones
- Enabled secure outbound connectivity via NAT Gateways
- Used AWS Transit Gateway for centralized traffic flow
- Established VPN connectivity to support the migration process
Step 04 | Multi-Strategy Workload Migration
- Rehosted Linux servers with AWS MGN onto EC2
- Replatformed RabbitMQ cluster to Amazon MQ
- Migrated shared file storage to Amazon EFS
- Migrated databases to Amazon RDS, with client’s partner assisting in data transfer
- Migrated web proxy servers via AWS MGN, integrating WatchGuard
- Firebox Cloud for geographic filtering
Step 05 | Operational Enablement
- Enabled secure access with Systems Manager Session Manager and VPN
- Delivered documentation, training, and a Well-Architected Review
- Identified future opportunities like Auto Scaling and disaster recovery planning
The Impact
Fully exited the data center and achieved a cloud-native operating model
Improved security posture with automated PCI DSS compliance
Reduced operational overhead by eliminating physical infrastructure maintenance
Greater reliability and scalability for florist members during peak seasons
Positioned for growth, with governance and automation enabling future innovation
Turn Cloud Chaos Into Clear Results On AWS
Clearscale helps organizations break free from cloud chaos and experience clear results on AWS. Turning on-premise infrastructure with secure, compliant, and future-ready AWS environments. If your business is ready to reduce risk and unlock agility, let’s talk.