Open Sky Group moves on-premise, Blue Yonder warehouse management solution to Azure cloud for consumer goods distributor in less than one week.

The Challenge

Companies with supply chains have seen a sharp rise in ransomware crime over recent months. Criminals are now using increasingly sophisticated evasion tactics to steal highly sensitive information with the intent of inflating ransom demand amounts. For those who are still using on-premise hardware for supply chain software, the strain on internal IT personnel to protect data can be overwhelming. As other business-related tasks take their attention off system vulnerabilities, breaches can and do occur.

Our client, a well-known consumer goods distributor, found out first-hand when their on-premise, Blue Yonder WMS was attacked.

Their system was almost completely locked down. In response, the company contacted Open Sky Group to immediately transfer multiple warehouses and application servers to Azure cloud. The challenge: complete the migration in less than one week.

The Solution – Move to Azure Cloud

By the first day after the attack, the client was successful in providing a gateway for on-premise users to Azure and the system was running. By the second day, Open Sky Group had the client running operations in Azure cloud (i.e., manifesting and shipping with limited printing capabilities). By the third day, the client was able to ship product and meet customer needs quickly. By the fourth day, printers were deployed.

In total, the client lost only one day of full operations.

From a technical perspective, Open Sky Group was able to have all warehouses connecting through new load balancer technology, having migrated the client MTF connection from warehouse specific servers to a MOCA cluster. MOCA clustering in Azure allowed for a more balanced hardware resource environment.


While there are several ways this challenge could have been resolved, each method had its pros and cons. Systems can be unlocked if the ransom is paid to get the key, servers can be rebuilt, etc. Since the plan was to eventually move to the cloud in the future, the client chose immediate migration to Azure cloud.

How was Open Sky Group able to move on-premise WMS to Azure cloud in such a short time frame?

  • As the client was planning to move to the cloud eventually, Open Sky Group had already prepped the application servers.
  • Our resources and configuration skills with Azure and Blue Yonder WMS enabled this move to be made quickly, with limited impact to client operations.
  • We were already familiar with the client’s existing environment.

Despite the small head start, there were still numerous items to complete when the attack happened. We were able to address those quickly.

Items addressed in less than a week

  • Each distribution center had their own application server on-premise. In Azure, we created a clustered environment with load balancing to provide the WMS to multiple warehouses. The load balancing had not yet been fully configured or tested. Firewall changes and ports needed to be opened. End-to-end testing was performed by the client.
  • The stand-alone SQL database server virtual machine needed to be implemented in Azure and production databases needed to be ported.
  • During off hours, the bulk of the miscellaneous yet important tasks were addressed such as label and report printer set-up, redirection of RF devices, pointing workstations to correct servers, changing IP addresses, etc.
  • Full remediation of the host system integration endpoints was completed (this is how the system talks to the client’s ERP).
  • Recovery of on-premise databases and command logic files was conducted (we were able to pull just the right amount of information).
  • Servers and MOCA cluster fail over testing were completed.

Advice for others

Not everyone experiences ransomware attacks. There are other unexpected events such as unplanned demand for capacity that your existing hardware can’t support or even hardware failure that could cause a need for a move from on-premise to cloud.

How can you avoid having to unexpectedly move your on-premise WMS into the cloud?

Here are a few recommendations we make to all of our clients:

  • Have a GOOD back up strategy where those backups can’t be affected by ransomware and other IT attacks.
  • Create a solid disaster recovery plan that has been TESTED (verification of backups quarterly).
  • Analyze your equipment capacity (if you’re still using on-premise hardware). Ask yourself, “If I have two servers and one of them dies, is that enough to run all of my sites?”
  • Create a master printer listing if you do not have a shared print server. Be sure to include the IP, queue name, communication port, etc. Document print queue settings and methods.
  • Always maintain a full inventory and accounting of all hardware and configuration for any production environment so it can be quickly reproduced if needed.
  • Ensure software updates are completed regularly (anti-virus, etc.).
  • Conduct penetration testing yearly, if not quarterly.

Whether you need to move your Blue Yonder WMS to the cloud quickly or in a planned, purposeful way, Open Sky Group has the resources, experience and knowledge to take your Blue Yonder WMS from on-premise to Azure cloud fully and successfully.

Download the PDF of this case study.

Are you interested in moving your Blue Yonder WMS to Azure cloud? Contact Open Sky Group today.