Agricover Credit IFN – Redesigning the Azure Cloud Infrastructure and implementing a DRP

Agricover Credit IFN – Redesigning the Azure Cloud Infrastructure and implementing a DRP




Agricover Credit IFN is a subsidiary of Agricover Holding, the main non-banking financial institution in Romania, dedicated exclusively to financing in agriculture.

Since it began its operations in 2008, Agricover Credit IFN took a firm commitment to support the performance and competitiveness of Romanian farmers through financing solutions tailored to the specific needs in agriculture, through prompt response to requests and simple and non-bureaucratic access to funding required by farmers to develop modern businesses in agriculture.

Agricover Credit grew rapidly and in only a few years it became one of the key players in financing for agricultural producers. In 2017 the company provided financing worth RON 1.37 billion – a 39% increase compared to the previous year – to 2,350 professional farmers. To respond to growing demands from farmers, Agricover Credit has continuously invested in improving its operational system and in developing solutions to ensure efficiency of the business. The company has a mobile commercial team that covers the entire country, travelling directly to farms in order to provide support in choosing the best financing solution and in drawing up the loan paperwork. In addition, through its 9 regional branches, Agricover Credit is able to quickly manage funding requests from farmers all over the country.


Four years ago, Agricover Credit IFN migrated its IT infrastructure to the Microsoft Azure cloud platform. Over the years, security policies have evolved. The Microsoft Azure platform has undergone numerous upgrades to deliver high performance cloud-computing services that ensure data availability and security. During the four years since the migration of the IT infrastructure to the Azure cloud, Agricover Credit IFN expanded its activity. This generated a much higher consumption of resources and a constant need to access services and applications with great performance, and to run on modern infrastructure, in line with the new technologies and operating systems on the market.


The Bento team, together with Agricover Credit IFN representatives, conducted an analysis of the current infrastructure and of the running applications, in order to understand the company’s flows correctly and to identify all issues faced by it. Following this audit, the Bento team proposed:

  • a redesign of the IT services and architectures, taking into account the existing infrastructure, but also the best practices in implementing Azure IaaS;
  • implementation of a disaster recovery plan, to make sure that the IT infrastructure is able to provide minimum critical service downtime and to ensure continuity of business processes.

In order to improve the existing architecture and to respond to current company needs, Bento specialists proposed reshaping the virtual data center and migrating it to the new Azure platform, which brought the following advantages:

  1. Increased security through regular security audits provided by Azure OMS / Security Center;
  2. Simplification of data storage management by migrating virtual machine disks to “Managed” drives;
  3. Strengthening of backup policies in the Azure Backup service;
  4. Implementing a multiform factor authentication solution for cloud resource access;
  5. Implementing geo-replicated storage used within the Azure Backup service;
  6. Implementing firewall rules for differentiated service access;
  7. Redundant solutions for access to the business services offered by the IT environment.

Redesigning the Cloud Architecture in Azure

 In order to be able to solve all problems identified during the audit phase and to align the existing cloud infrastructure with new practices, a new IT architecture in the Azure cloud was proposed.
The new architecture was designed to solve important issues surrounding the alignment of the infrastructure to new standards, but also access to company data, backup and data recovery in case of disaster.

  • Controlled access to the Internet connection from virtual machines in production by using dedicated ACLs via a single external IP;
  • Restricted access of virtual machines to public or external IPs.
  • Controlling access through the Network Security Group ACL to the internal network of the company;
  • Moving backup processes from local servers to the new Azure servers replicated in different geographic regions to ensure data redundancy;
  • Designing a new infrastructure by using Azure V2 resources and using the new Azure portal to implement it;
  • Activating Azure Active Directory and authentication based on credentials for user access to the Azure portal;
  • Access to the infrastructure through encrypted channels in situations where the network and infrastructure of the headquarters become inoperable;
  • Compliance with Microsoft recommendations and existing practices.


The Disaster Recovery Solution 

Data management and storage is one of the most complex IT challenges for all companies, irrespective of their size. Nowadays, organizations are creating and saving unprecedented volumes of critical data, which they need permanently for their day-to-day operation. Losing this data, as a result of IT infrastructure failures or human error can result in bankruptcy within 2 years of such incident.

Back-up processes within Agricover Credit IFN were performed on local servers without an adjacent Disaster Recovery service, which led to the design and implementation of such functionality, to ensure business continuity regardless of the incidents that might occur.

To design the Disaster Recovery solution, Bento specialists started with a set of assumptions related to the infrastructure in the Azure cloud,  the RPO – the maximum allowable period of time for which data may be lost as a result of the incident, and the RTO – the maximum allowable period of time for which the system remains unavailable as a result of an incident.

The Data Recovery Plan implemented within Agricover Credit IFN was designed to respond to challenges of any kind, particularly to critical situations that could affect the company’s operation long-term:

  1. The IT infrastructure at Headquarters is inoperable and cannot be made operational;
  2. The IT communications infrastructure in the subsidiaries is inoperable and cannot be made operational;
  3. The Azure Regional Data Center is inoperable and cannot be restarted in less than the agreed “RTO”.

Redesigning the existing Azure cloud architecture and aligning it with the new standards, as well as the services that focused on the disaster recovery plan, helped to increase the performance of the IT infrastructure within Agricover Credit IFN and to ensure continuity of business regardless of potential local incidents or incidents in Azure data centers.

The process of redesigning and implementing the new IT architecture within the company was carried out quickly by Bento specialists, using the most modern tools and technical platforms, but also in observance of the time, cost and quality parameters initially agreed during the first phase of the project. With full visibility on the project, the representatives of Agricover Credit IFN had permanent, real-time access to all information about the status of development and implementation of the project within the company.