Trade Square
Cloud
Migration
Government Cloud Migration & Secure Digital Foundation

Case Study · Government · Public Sector

Ministry of Energy, Thailand

Government Cloud Migration & Secure Digital Foundation

Client
กระทรวงพลังงาน
Industry
Government · Public Sector
Partner
Trade Square Co., Ltd.
Period
2025 – 2026
40+Servers Migrated
13Application Groups
Multi-AZHigh Availability
NCSACompliant

ACustomer Overview

Who is the Customer

The Ministry of Energy of the Kingdom of Thailand (กระทรวงพลังงาน) is the government body responsible for formulating and executing national energy policy, overseeing energy infrastructure, and managing the country's natural resource portfolio — spanning electricity, natural gas, and renewable energy sectors.

As a central government ministry serving both policy makers and the public, the Ministry operates multiple mission-critical digital systems supporting regulatory functions, internal operations, and citizen-facing services. With an expanding digital mandate and growing infrastructure obligations, the Ministry engaged Trade Square to plan and deliver a full transition to cloud infrastructure.

Organisation TypeGovernment Ministry — Kingdom of Thailand
SectorEnergy · Public Sector
HeadquartersBangkok, Thailand
Cloud PartnerTrade Square Co., Ltd.
Cloud PlatformAmazon Web Services — Thailand Region
Engagement PeriodNovember 2025 – 2026

BBusiness Context

Challenges & Strategic Drivers

The Ministry's decision to migrate was driven by a convergence of operational, regulatory, and strategic pressures that made maintaining on-premises infrastructure increasingly untenable. Several factors created a defined and non-negotiable migration timeline.

  1. Infrastructure End-of-Life

    On-premises servers were approaching vendor end-of-support, eliminating the availability of security patches and technical assistance. Continued operation on unsupported infrastructure represented an unacceptable risk to government operations and data integrity.

  2. Data Centre Lease Expiry

    The Ministry's primary data centre lease was set to expire, establishing a firm and immovable deadline for the decommission of all on-premises workloads — with no option to extend the tenancy.

  3. NCSA Compliance Obligations

    As a government ministry, the organisation is subject to Thailand's National Cyber Security Agency (NCSA) standards. Legacy infrastructure lacked the automated controls, audit capability, and security architecture required to demonstrate ongoing compliance.

  4. Inadequate Business Continuity

    The Ministry had no formal disaster recovery framework for its most critical systems. Recovery time objectives for key government services were measured in hours, exposing the organisation to significant operational risk in the event of system failure.

  5. Security Visibility Gaps

    There was no centralised mechanism for monitoring threats or maintaining unified security visibility across the Ministry's digital environment — limiting the ability to detect, respond to, and report on security events in line with NCSA and government accountability requirements.

CEngagement Approach

Solution

Trade Square designed and delivered a structured, phased cloud migration programme — establishing a government-grade, multi-account cloud architecture as the foundation, before executing workload migration in controlled, validated waves. NCSA compliance and security controls were embedded into the architecture at every layer, rather than applied retrospectively.

PhaseDescription
Phase 01 — AssessmentInfrastructure discovery, migration strategy definition, and business case development.
Phase 02 — Foundation & PilotNCSA-compliant cloud architecture, security baseline, and pilot migration with validation.
Phase 03 — Full MigrationWave-by-wave migration of all remaining workloads, culminating in data centre decommission.
Ongoing — Operations & OptimisationManaged support, cost optimisation, and periodic architecture reviews.

Architecture & Design Pillars

Multi-Account Cloud Architecture

  • Dedicated accounts for network, security, identity, and workloads — enforcing clear operational and compliance boundaries
  • Centralised network hub with next-generation firewall and redundant connectivity
  • Policy-driven governance applied consistently across all accounts

NCSA-Compliant Security Design

  • Continuous threat detection and monitoring aligned to NCSA security requirements
  • Encryption enforced for all government data at rest and in transit
  • Data residency controls enforced at the platform policy level
  • Tamper-proof audit logging supporting NCSA accountability obligations

Structured Workload Migration

  • Server migrations executed in validated, sequenced waves with rollback procedures
  • Database modernisation to fully managed cloud database services
  • All cutover windows approved through formal change management processes
  • Application owner sign-off obtained at each wave before proceeding

Resilience & Business Continuity

  • Multi-availability zone deployment for all Tier-1 government systems
  • Automated failover reducing recovery time objectives from days to hours
  • Disaster recovery architecture aligned to NCSA and government service requirements

Cloud Architecture — Thailand Region: NCSA-compliant multi-account cloud architecture with Network, Security, Identity & Workload accounts, centralised security controls, next-generation firewall, and redundant connectivity (see diagram above).

DBusiness Outcomes

Results & Impact

The engagement delivered against each of the five strategic priorities defined at the outset. Outcomes below correspond directly to the challenges that drove the migration programme.

  1. Infrastructure Modernisation Delivered

    All in-scope servers have been migrated or are on a committed schedule for migration. The Ministry has fully eliminated its dependency on end-of-life hardware, removing the associated security and operational risk from its environment.

  2. Data Centre Exit on Track

    The migration programme is structured to achieve full data centre decommission within the required timeframe. Pilot workloads are live, and the remaining waves are sequenced and scheduled to meet the lease deadline.

  3. NCSA Compliance Achieved by Architecture

    NCSA security requirements are enforced automatically through the cloud platform — including mandatory encryption, access controls, centralised audit logging, and continuous compliance monitoring. Compliance is now an inherent property of the architecture, not a manual process subject to human error.

  4. Resilience & Recovery Significantly Improved

    Critical government systems now operate with multi-availability zone redundancy and automated failover. Recovery time for key services has been reduced from several hours to minutes — materially strengthening the Ministry's business continuity posture and reducing the risk of prolonged service interruption.

  5. Centralised Security Governance Established

    The Ministry now operates with unified, real-time security visibility across all cloud workloads. Continuous threat monitoring, centralised logging, and structured incident response are embedded in the platform — supported by a tamper-proof audit trail that meets NCSA accountability and reporting obligations.

Engagement Summary

Trade Square partnered with the Ministry of Energy to address a complex, time-constrained migration challenge — delivering a secure, NCSA-compliant, and resilient cloud foundation that meets the operational and regulatory demands of a central government ministry. The engagement demonstrates that large-scale government infrastructure transformation can be executed systematically, with measurable outcomes and no compromise on security, compliance, or service continuity.