Core banking and financial systems are moving into the cloud. This talk will focus on the strategy, the technology, and the review process that customers use to move their most important systems into the cloud. Regulation plays an important role in defining how these systems must be secure and resilient, and this talk will dive deep into the regulatory context. In this session nib Group will discuss, as regulated insurer, their preparations to move a System of Record to AWS, with a specific focus on the platform they built to meet their security, risk, and resiliency requirements. Come to this talk to learn what they did, what they learned on the way, and their guidance on how you could do the same.
4. 44
OUR PURPOSE: YOUR BETTER HEALTH
Protecting our members against the financial risk of disease,
sickness and injury
Access to world-class healthcare wherever members are in
the world
Helping members better prevent, manage and treat illness
5. 55
Cloud & Data Platforms
Secure – Elastic – Resilient
Modern Digital Experience
Web – Mobile – API
Next Gen Core System
CRM – Modular – Capability
19. ANNUAL GENERAL MEETING 2018 1919
POLICIES AS CODE
Policies Standards Codified Patterns Workloads Governance
20. ANNUAL GENERAL MEETING 2018 2020
PATTERNS
Features Infrastructure Web/API Extreme
Encryption at Rest & Transit
Hardened SOE & Vulnerability Management
Automatic High Availability
Least Privilege Admin Access
Automated Patching
Out of Band Point in Time Backup + Recovery
Restricted Approved Services
Contingency Plan Continuously Tested
26. ANNUAL GENERAL MEETING 2018 2626
AZ 1 AZ 3AZ 2
AVAILABILITY ARCHITECTURE
Health Checks
Auto Scaling
Immutable Infrastructure
Stateless Compute
Micro-segmentation
Withstand Loss of AZ
Public
Private
Private
Auto Scaling group
ELB
Master / Slave DB
27. ANNUAL GENERAL MEETING 2018 2727
AVAILABILITY – PEOPLE & PROCESS
Monitor Detect Action / Alert Track
Detection is
automatic
Standard availability
patterns with health
checks & monitoring
Developers define
additional logs and
events to monitor
Autoscaling is
automatic
Incidents are tracked &
Post Incident Reviews held
with relevant stakeholders
On call engineer
paged if service
does not self heal
Notifications
posted to DevOps
and Developers
Availability incidents and
trends are reviewed in
governance forums
28. ANNUAL GENERAL MEETING 2018 2828
AVAILABILITY TESTING – “GORILLA”
AZ 1 AZ 3AZ 2
Public
Private
Private
Auto Scaling group
ELB
Master / Slave DB
34. 3434
Key Takeaways… So Far
Your Journey is Context Specific – There's no Silver Bullet
Be Ready for Ongoing Dialogue
Use Multiple Frameworks & Partners
Your Cloud Journey is not just Technical
Remember the People – Culture, New skills, New Roles, Training
Get started Now!