Joel Hurford

I composed and led the response to financial processor warnings that US Mint was non-compliant with PCI data security standards (DSS) and would be fined several hundred thousand dollars per month. As a federal agency, US Mint would shut down a service considered non-compliant with security requirements.

USMint.gov had simple Unix web servers with content and data management hosted on a legacy IBM AS/400. To meet PCI DSS requirements, many controls and procedures had to be created and layers inserted into the transaction workflow. I leveraged the breadth of my experience composing low-cost and rapidly implementable controls, including deploying and configuring Imperva Web Application Firewall (WAF); coded firewall rules analysis; conducted contingency plan technical tests; and audited backup media to escalate and resolve dozens of missing volumes.

Within four months, and before fines commenced, US Mint received a clean PCI DSS audit.

The HHS Office of Inspector General had 300 servers and 50TB of NetApp storage. One-hundred servers and the NetApp storage were in an on-premise room subject to frequent power, water, and rodents issues.

I composed the plan and executed the technical details of virtualizing the physical servers and migrating provider-hosted virtual servers to two highly connected Equinix data centers with demonstrated failover using vSphere Site Recovery Manager (SRM).

All plans have issues, and ours were blocked replication traffic from the prior server-hosting provider or the need for expanded power whips to allow SAN and HP C7000 converged chasses in adjacent racks. I quickly identified and resolved these risks—hand-carry local NAS configured with iSCSI, 220V 30A circuits. The point isn't to have me help you provision a data center; the point is that I maintain the necessary teams and communication to elaborate and resolve the full spectrum of risks a project may encounter.

In four months, HHS OIG reduced hosting costs by 30% even while enjoying superior performance of the migrated virtual machines on a vSphere cluster. Another $500,000 was saved on Oracle licensing by licensing a subset of the DRS cluster using host affinity policies.

Sainsbury's UK is a nationwide grocer with 17,000 user workstations. The company transitioned to Enterprise Active Directory, Microsoft Exchange messaging, and the latest Windows version. Migrating desktops depends on three key elements:
1. Profiling end-users for existing applications to ensure they are most productive after migration.
2. Packaging applications for automated deployment based on profile mappings.
3. Copious communication to end-users and the service desk on what to expect and what legacy applications will not survive the migration.

I led the Active Directory, Group Policy, Application Packaging, Endpoint upgrade, and Service Desk teams. The project was wildly successful in terms of timeliness and transformation of Sainsbury's end-user experience. It was awarded the Accenture (Avanade) CEO Award.

The Endpoint upgrade team lead could not maintain user profile updates because data on thousands of users was collected in Microsoft Excel, but the automated profile migration tool did not have a batch import capability. Using Visual Test scripting and Windows Accessibility features to identify tool-user interface controls, I automated transcription and reduced three-day manual batches to one hour.