Security and continuity without compromise
SIDN plays a crucial role in the digital infrastructure of the Netherlands. Every .nl domain registration, change, or transfer, as well as email traffic to a .nl email address and access to .nl websites, runs through systems managed by SIDN. This means that 24/7 availability is not a desire, but a strict requirement. With a plan to migrate a limited portion of its core services to the cloud, the organization needed to ensure continuity today while laying a solid foundation for tomorrow. The opportunity was strategic: to transform the infrastructure from a bottleneck into a launch pad for the next phase.
The ambition was clear:
-
Free up internal capacity by reducing dependency on hard-to-find infrastructure specialists
-
Improve service resilience
-
Shift focus to platform innovation rather than legacy maintenance
Operational drag and hidden risks
While the .nl systems had proven reliable, the platform also required significant manual upkeep. SIDN saw the opportunity to automate patching, monitoring, and infrastructure tuning processes. Security also offered an opportunity for improvement. While backups were already in place, the next step was to establish and test a reliable, documented restore strategy, especially for critical databases. Because as the saying goes: “it’s not your backup strategy that matters, it’s your restore capability.”
Internally, SIDN had chosen to allocate its cloud-ready talent toward the future. That meant the “old” environment needed to be kept alive by external partners. But that didn’t mean it had to stay static.
From reactive to resilient
SUE stepped in not only to manage, but to take the platform to the next level. A small, hands-on team worked across operations, security, and coordination. The improvements were immediately measurable:
Greater resilience
SIDN's business-critical systems are now continuously monitored. Issues are identified and addressed at an early stage through a structured morning triage process. Manual patching, which was previously fragmented, is now part of a documented, team-wide process, ensuring greater consistency and ownership. Infrastructure updates are carefully planned, minimizing risks and ensuring that essential services remain available without interruption to users throughout the country.
Stronger security posture
The team improved SIDN’s security baseline by identifying and replacing passwords across the infrastructure. Credential hygiene is actively monitored, with clear ownership embedded across teams to ensure long-term vigilance. In parallel, backup and restore testing for critical databases has been formalized and scheduled.
Improved collaboration
Collaboration across teams has become more structured and effective, with smoother coordination between key domains such as storage, DNS, and networking. Requests for infrastructure changes, such as additional storage, are properly tracked, triaged, and handled transparently, reducing bottlenecks and miscommunication. At the same time, other team members are actively supported and coached, ensuring that knowledge is transferred and long-term capabilities are built within the organization.
Prepared for what's next
To ensure a smooth transition toward the future, configuration management tooling such as Ansible has been repaired and consistently aligned across all relevant servers, reducing technical debt and improving reliability. A test-based approach to system recovery has been introduced, equipping the team to respond effectively to worst-case scenarios with confidence.
What we did, step by step
We began by stabilizing daily operations: refining dashboards, aligning ticket processes, and ensuring nothing critical fell through the cracks. Morning standups became the heartbeat of the team, driving alignment and responsiveness. At the same time, we partnered with SIDN’s internal security team to address areas for improvement. The password vault was cleaned up, restore plans were drafted and executed, and responsibilities were clarified across infrastructure and database teams. We reactivated projects like config management tooling and rebuilt it into a working, supportable solution. Where needed, we trained internal teams and ensured continuity of knowledge. The backup strategy was flipped: instead of checking if backups existed, we now test whether they can be restored. The team practices full-restore exercises twice a year, simulating realistic failure scenarios. This not only improves technical readiness but also builds muscle memory across teams. One of the most impactful changes? We helped the team move to structured, proactive improvement, even in an environment set to be phased out.
Need to secure today while preparing for tomorrow? See how SUE can stabilize your critical infrastructure, improve resilience and free up capacity for cloud innovation. Get in touch to explore how we can turn your “keep it running” environment into a launchpad for transformation.
* required
