servicesbanner

Projects

Key Projects

Network & Security Design, Implementation, Engineering, Cyber Assessment, Commissioning

bec securing the future for an austin tx based company
Austin, TX Company Security Assessment – Typosquatting Email Compromise

An Austin-based company was targeted by a sophisticated cyber-fraud attack carried out by advanced persistent threat (APT) actors. Attackers used typosquatting to create a fraudulent email domain that closely resembled the company’s outsourced accounting firm. A key executive’s email account was compromise giving the actor insight into client financial communications. The actors created a fake invoice with a false embedded link redirecting payments to the attackers account.

Facing financial and reputational risk, I was engaged to conduct a detailed security breach analysis. I was able to identify the root causes; lack of multifactor authentication (MFA), delayed transfer of internal billing responsibilities, and reliance on manual processes. There were multiple contributing factors, including poor email verification practices and gaps in communication during billing handoffs.

A comprehensive remediation plan was delivered with key recommendations to improve employee awareness, phishing techiques, fraudulent domains, and strengthening communication protocols for invoicing.

By following NMC’s guidance, the company enhanced its cybersecurity posture, reduced future risk, and restored trust with its clients.


oceanside
San Franciso Wastewater Treatment Plants – Network Upgrade – Security Expansion Project

The Network Upgrade – Security Expansion Project, established a comprehensive security network for San Francisco’s primary wastewater treatment plant. With a budget of $770,000, the project focused on protecting critical infrastructure through a combination of advanced Network Access Control (NAC)802.1x, secure wireless, upgraded switching, servers, storage, physical security door control, and surveillance systems. NAC ensures policy is enforced to detect and authenticate devices at the point of connection.

This project is just one of three sites that received this level of upgrades. All video suveillance feeds are transmitted to centralized servers enabling continuous monitoring and improved situational awareness. The design ensures only authorized devices access the network, reducing the risk of intrusion and enhancing protection of critical assets.


ftb bldg
California Francise Tax Board – Digital VIdeo Surveillance Conversion Project

The Digital Video Surveillance Conversion Project for the State of California Franchise Tax Board (FTB) involved upgrading and modernizing an extensive security camera system. All cameras an supporting infrastructure was upgaded to enhance an existing 200 analog and digital cameras to a unifed system. The original Bosch analog recording system was replaced with IP-based Milestone, and AXIS Communications technologies.

The project was complete with no system downtime. Multiport amplifiers were used to duplicate camera signals, allowing thorough testing and validation before the final cutover. Axis Communications encoders were used to convert all analog camera feeds into IP-based video, effectively modernizing the entire surveillance network.

The upgraded system added 80 terabytes of storage failover enabling higher frame rates for improved image quality. The project was recognized with a Gold Star rating by the State of California, highlighting NMC’s technical expertise and successful delivery.


sacregwater
Sacramento Regional Water Treatment Plant – Fiber Optic Infrastructure Upgrade

The Sacramento Regional Water Treatment Plant “EchoWater” Project (Contract #4240) involved a major fiber optic infrastructure upgrade with project cost of $940,000. The project included designing new paths and deploying over 23,000 feet of new OM3 and OS1 shielded fiber optic backbone infrastructure. All cables were fusion spliced and certified.

Alternate routing had to be engineered to accomodate underground building structures. Over 9,000 feet of Galvanized and PGRS conduit was installed including explosion-proof passthroughs and mechanical seals to prevent chemical infiltration. Safety was critical due to the hazardous environment following OSHA standards and use of specialized detection equipment for confined or chemical-prone areas. The upgrades have improved the reliability, safety, and scalability of the plant’s network infrastructure.


sanmateofcsd
San Mateo-Foster City School District – Bond Network Upgrade Expansion Project

The San Mateo-Foster City School District (SMFCSD) undertook a $3.79 million Network Upgrade Expansion Project to modernize and secure its IT infrastructure. THe project required a full network design to implement a comprehensive 802.1x solution with all new new switching equipment, district-wide wireless, firewalls, UPS systems, server virtualization, storage expansion, and migration to Microsoft Exchange Server. The project also involved deploying EMC backup and email archiving systems, as well as cleaning and upgrading all communications rooms and closets.

A complete network assessment was conducted and used to develope a remediation plan centered on the 802.1x – based architecture. A key focus was implementing a robust security framework with Network Access Control (NAC) and policy enforcement at the network edge. This allows the system to evaluate device type, user role, location, and access conditions before granting connectivity, ensuring highly granular and centralized control over both wired and wireless access.

THe project was conducted in collaboration with the district IT staff to deploy the upgrade. Core systems were upgraded with redundancy and performance optimization prior to cutover. Servers were virtualized into a VMware environment supported by EMC storage and centralized backup solution, improving efficiency, storage management, and data protection. Infrastructure upgrades also included new racks, enclosures, cabling, and power systems.

An Enterprise Management Suite was deployed to provide centralized network monitoring, policy management, asset tracking, and automated security responses. Active Directory was restructured to align with user roles and policy enforcement, enhancing security and operational predictability.

Additionally, Microsoft services such as RADIUS (NPS), Certification Authority, and Group Policies were configured to enable 802.1x authentication. The NAC system enforces device compliance with district standards, including patching, antivirus, and firewall requirements, redirecting non-compliant devices to remediation resources. This project resulted in a highly secure, scalable, and centrally managed network environment.

cdcryouth

California Department of Corrections and Rehabilitation – Network Upgrade and Site Documentation

This $547K project with the CDCR, Division of Juvenile Justice (DJJ), included upgrade of network infrastructure and design of a secure enterprise architecture. All network infrastructure and underground pathways werer documented for all eleven sites statewide.

Enterprise Information Systems (EIS) staff coordinate access for this project ensuring strict adherence to security protocols and operational requirements. Core network equipment was staged and pre-tested to validate performance, redundancy, and failover prior to deployment.

Enterprise Network Design

The design featured a comprehensive IP addressing, routing, and Network Access Control (NAC) using 802.1x. Security policies were enforced at the switch port level, ensuring only authorized users and devices could access network resources.

Access levels were restricted based on authentication, with correctional staff, educators, and wards assigned appropriate permissions. Unauthorized devices were automatically denied access, strengthening overall network security.

An Enterprise Management Suite was configured to provide centralized control, enabling EIS to manage policy enforcement, asset tracking, automated security response, and access control across all sites.

Documentation and Site Implementation

Multiple teams were deployed to upgrade and document 11 DJJ sites. Work was carefully coordinated to comply with correctional facility protocols, including escorted access where required.

Detailed documentation included firewall and switch configurations, redundant firewall deployments, and logical network diagrams illustrating connectivity and security operations. Physical site diagrams identified equipment locations, cabling, and pathway capacities, produced in AutoCAD, with logical diagrams delivered in Visio.

Each site received a comprehensive report outlining infrastructure details and remediation recommendations. All deliverables—including diagrams, configurations, and as-built documentation—were provided in both electronic format and printed binders for EIS use.


calema
California Emergency Management Agency (CalOES today) – Sequoia Pacific Ave Data Center & CalEMA Data Center Remediation Upgrades

These $1.5M combined data center projects focus on modernizing, securing, and scaling critical infrastructure through modular design, improved power and cooling systems, and enhanced cable and equipment management.

The Sequoia Pacific Avenue Data Center Retrofit established a scalable, modular foundation for future growth. Key improvements included the installation of high-density equipment enclosures, redesigned underfloor cable management, and optimized rack layouts to support hot and cold aisle containment. Power distribution was enhanced with dual-source vertical PDUs connected to both UPS and building power, while airflow efficiency was improved through organized cabling, sealed floor cutouts, and proper enclosure spacing. Additional upgrades included extending copper and fiber connectivity, installing patch panels, and relocating power infrastructure to align with the new layout. This phase delivered a cleaner, more efficient, and expandable data center environment.

The CalEMA Data Center Project was expanded into a multi-phase, enterprise-scale deployment. Initial phases introduced high-density enclosures, overhead cable management, modular power distribution, and improved cooling design with hot/cold aisle separation. Subsequent phases included adding enclosures to complete rows and enable hot aisle containment, expanding fiber and copper infrastructure, and extending power buss systems. Redundant UPS systems were introduced to ensure continuous operation of critical systems, while cooling systems were reconfigured for efficiency and longevity.

Across both projects, the emphasis was on modularity, redundancy, and operational efficiency. Together, they delivered highly organized, secure, and scalable data center environments that support future expansion, improve reliability, and reduce energy consumption, aligning with modern data center best practices.


cityofcomm
Fractional CIO Leadership That Strengthened Operations, Reduced Costs, and Modernized Public Infrastructure

From 2012 to 2020, James through his California based company, Network Management Corporation, provided long-term fractional CIO leadership to the City of Commerce, California, helping city leadership strengthen technology operations, improve reliability, modernize infrastructure, and better align IT with the needs of municipal government.

At a time when many public-sector organizations struggled to balance limited resources with growing technology demands, the City of Commerce engaged James to provide experienced executive-level guidance without the cost of a full-time CIO. Over the course of nearly eight years, this relationship became a trusted extension of city leadership and a stabilizing force for the IT department.

The Challenge

Like many small cities, Commerce faced a familiar set of issues: aging infrastructure, limited internal bandwidth, the need for better network documentation, rising operational complexity, and pressure to improve both security and service delivery. The city needed more than technical support. It needed leadership, planning, accountability, and a practical path forward.

The Approach

James served as a retained fractional CIO resource, providing ongoing strategic and operational guidance across the city’s technology environment. This included regular direction-setting with the internal IT team, daily workflow coordination, review of security and reliability concerns, assessment of budget needs, and planning for future improvements.

In addition to advising leadership, James documented the city’s existing network and developed an updated design for the network, data center, and security architecture. The engagement also included review and renegotiation of service contracts to lower costs and improve the overall effectiveness of IT operations.

The Results

Over the life of the engagement, the City of Commerce benefited from measurable operational and strategic improvements:

  • strengthened day-to-day IT direction through recurring leadership and workflow coordination
  • improved visibility into the city’s network and infrastructure environment
  • documented network architecture and a clearer plan for modernization
  • redesigned network, data center, and security strategy to improve functionality and long-term resilience
  • reduced operational costs through renegotiated service agreements
  • improved planning for annual IT budgeting and future investments

One of the most significant outcomes was the successful pursuit of outside funding support for the city’s libraries. James requested funds through the FCC’s Schools and Libraries Division and helped bring in approximately $81,000 to support technology improvements. Those funds were used to upgrade the existing wireless network, core and edge LAN electronics, and install a single-mode fiber optic backbone to support a 10Gb connection from the data center to the library in support of the CENIC connection for all city public libraries.

This work did more than improve technology. It expanded capability, increased connectivity, and helped position the city’s public library infrastructure for better performance and future growth.

Why It Matters

The City of Commerce engagement demonstrates the value of fractional executive technology leadership for organizations that need more than break-fix support. With the right advisor in place, smaller public-sector organizations can gain access to senior-level judgment, stronger planning, better vendor management, improved operational discipline, and meaningful infrastructure progress without carrying the full cost of an internal executive position.

Closing Note

This nearly eight-year engagement concluded in 2020 when the COVID-19 pandemic hit the United States and the City of Commerce experienced significant revenue loss due to the shutdown of its local casino, which had been a major revenue source for the city. As a result of those economic pressures, the contract was discontinued. Even so, the duration of the relationship and the breadth of outcomes achieved reflect a high level of trust, sustained value, and meaningful impact over time.


Scroll to Top