Financial services company moves to AWS for improved data security and compliance

Migration components

Eviden designed and deployed a solution that migrated the company’s infrastructure to the AWS platform. The solution prioritized enhancing performance, fortifying data security, and ensuring adherence to financial regulations and data sovereignty. The cornerstone of this transformation was the strategic landing zone design, which entailed a multi-account AWS structure featuring distinct organizational units for sandbox, security, infrastructure, production, and non-production environments.

The deployment leveraged Elastic Compute Cloud (EC2) instances, distributed across multiple availability zones within the east and west US regions, to host workloads. This ensured data sovereignty and resilience. To further enhance security and connectivity, the network architecture included both private and DMZ subnets, coupled with a web application firewall (WAF) to shield against web exploits. Application load balancers (ALBs) were integrated to efficiently distribute incoming traffic across the EC2 instances, thereby augmenting fault tolerance.

The project teams also implemented rigorous security measures, including traffic control managed by security groups at various network levels, complemented by vulnerability scanning services. For data protection and compliance, AWS KMS-encrypted disks were utilized, and separate virtual private clouds were established for PCI compliance, complete with traffic inspection and risk remediation measures.

The monitoring and logging systems were powered by AWS CloudWatch and SNS, ensuring vigilant oversight. In anticipation of potential disasters, a pilot light disaster recovery strategy facilitated the rapid scaling of a minimal running environment, with primary and secondary sites strategically located in the Ohio and Virginia regions, respectively.

Connecting all the components was a migration strategy that embraced a re-platforming approach, optimizing the infrastructure for cloud efficiency and scalability.

The project delivered many outcomes that sparked a new era of technological excellence and operational agility.

Taking credit for a successful transformation

By transitioning from legacy hardware, the consumer finance company effectively mitigated risks and reduced costs. And adopting AWS cloud-native services marked a pivotal shift, modernizing services and enhancing efficiency and scalability. This move notably improved systems availability and performance, setting a new benchmark for operational excellence.

The company also embraced operational improvements and adopted DevOps, achieving significant enhancements in system performance. Plans are underway to further develop DevOps practices, which will lead to a more streamlined infrastructure management.

Data sovereignty was meticulously maintained, with data locality preserved within the US through the strategic use of local AWS regions and robust encryption. This approach not only fortified data security but also ensured solution availability across multiple availability zones.

Experimentation and vendor integration were key highlights of the project, with the adoption of AWS enabling the finance company to leverage the AWS Marketplace for innovative experimentation.

The finance company’s commitment to data security remained unwavering, as evidenced by its ongoing PCI DSS compliance, ensuring the secure handling of payment card data.

Business continuity was bolstered through the implementation of a resilient multi-AZ architecture, which improved system availability and reduced recovery time in the event of disruptions.

The partnership with Eviden, a global AWS service provider with a local US presence, enhanced the finance company’s customer support and customer satisfaction, reinforcing its reputation and fostering customer trust.