
GridUnity, a platform-as-a-service energy analytics company, specializes in optimizing the integration and utilization of distributed energy resources using advanced cloud analytics and machine learning. Their solutions have notably assisted California's Pacific Gas and Electric (PG&E) in quadrupling their capacity to integrate renewable energy sources. Facing the necessity to meet stringent industry security standards, GridUnity engaged RightBrain Networks to achieve NIST 800-171 certification, a critical requirement for their continued collaboration with key energy sector clients.
GridUnity needed to overhaul its software development, deployment, and maintenance processes to achieve NIST 800-171 certification within a stringent two-month deadline. This certification was vital to verify their security posture and change management procedures across multiple custom application builds for their clientele.
RightBrain Networks was selected for this project based on its proven expertise and the confidence in its ability to meet the tight timeline. RightBrain implemented a comprehensive Continuous Integration and Continuous Deployment (CI/CD) framework using Jenkins, Docker, Amazon Elastic Container Service, and AWS CloudFormation. This setup enabled GridUnity engineers to efficiently create and deploy packages across any customer environment—be it development, staging, testing, or production—within any AWS region.
Additionally, RightBrain integrated Amazon S3 and Amazon RDS to fortify disaster recovery capabilities, ensuring robust data protection against corruption or AWS Availability Zone failures. To align with NIST 800-171 compliance, RightBrain established a rigorous change management protocol, necessitating all system modifications to be tracked via Jira and thoroughly vetted through automated testing in GitLab, Artifactory, Liquibase, and Selenium, coupled with manual reviews and approvals.
Critical to the project’s success was RightBrain’s commitment to transparency and empowerment. The team meticulously documented all processes for the NIST 800-171 certification review and conducted comprehensive training sessions for GridUnity’s engineers. This initiative not only prepared the staff for the certification but also enabled them to manage future deployments independently and confidently.
Thanks to RightBrain’s expertise, GridUnity achieved NIST 800-171 certification on their first attempt without any remediation requests. The certification auditor particularly noted the thoroughness of RightBrain’s documentation. GridUnity’s VP of Engineering, Ina Sipser, commended the enhanced reliability, predictability, and control in deploying changes to customer environments, crediting RightBrain’s robust support and system improvements.