Confidential ©2014 Risk Management Solutions, Inc.

RMS Cloud

Paris Georgallis SVP Platform Operations

Status: Strategy & Deployment

Confidential ©2014 Risk Management Solutions, Inc.

TOPICS

What  is  the  RMS(cloud)?    Our  cloud  strategy    How  did  we  build  it?    Our  guiding  principles  

Our  Guiding  Principles  for  the  RMS(cloud)  

Predictable Performance Highly Available Elastic

Control

Secure  

Buy/Rent what you can. Build what you must.

Leverage allies and partners.

How  We  Built  The  RMS  Cloud  

Talented  Human  Capital   Hire  

Hardened  Tier  III  Data  Centers   Rent  

ElasDc  Compute  Capacity   Rent  

Enterprise  Grade  infrastructure components with high SLA   Buy  

Wide Area Networking, Add On Services, Support   Buy  

Specialized  Purpose-­‐built  Architecture   Build  

24x365  InformaDon  Security  &  Network  OperaDons  Center   Build  

Tier III Hardened  Datacenters  

DR & BC Iceland

Production Canada

Production England

Cloud  Deployment  Under  RMS  Management  

Predictable Performance

Guiding  Principles    

High Performance

Fast Storage Area Network

portfolio

GUIDING PRINCIPLES

Enterprise Grade

Guiding  Principles    

Highly Available

Ø  Robust  enterprise  grade  Infrastructure  Deployed  

Ø  EMC,  CISCO,  IBM,  Palo  Alto  Networks,  VMware  

Ø  AcDve/AcDve,  N+N,  N+1  architecture  

Ø  Local  Backup  

Ø  Local  Snapshots  

Ø  Dedicated  D/R  Site  

Ø  AcDve  IPS/IDS  Systems  

Ø  AlerDng/Monitoring  

Ø  OperaDonal  Intelligence  gathering  

High Availability GUIDING PRINCIPLES

•  Robust  enterprise  grade  infrastructure  

•  AcDve/AcDve,  N+N,  N+1  architecture  

•  Fast  vendor  SLAs  

•  Local  Backup  

•  Dedicated  DR  site  for  BC  

•  AcDve  IDPS  

•  Monitoring  &  AlerDng  

•  OperaDonal  intelligence  

Guiding  Principles    

Elastic

ELASTICITY

RMS Cloud Security

Perimeter

Guiding  Principles     Elastic

Elastic Capacity

Base Compute Elastic Compute

RMS Cloud Security Perimeter

GUIDING PRINCIPLES

Elastic

Guiding  Principles     Secure  Ensuring Data Security and Privacy Compliance

Restricted personnel access §  Biometric multi-factor authentication for physical access control

All persistent storage within a dedicated security perimeter

Isolation of client data §  Clients never have direct access to the data warehouse §  Private schemas and collections ensure privacy

Data security §  FIPS 140-2 compliant encryption at rest §  HTTPs/SSL/TLS encryption during transit §  On-site destruction (shredding) of failed storage devices

Continuous backups & Datacenter Disaster Recovery

ü  Clients own their data ü  Client data is private &

secure ü  Physical storage is owned,

managed, and secured by RMS24x7 monitoring & analytics

ü  Periodic penetration and vulnerability assessments

ü  Periodic audits; internal and external third party

ü  Executive Level Governance/Security Council

ü  Current Industry workflow

& challenges

Ø  Data  transfers  data  by  ?p/  email  /  USB  drives  -­‐    Ø  the  "weakest  link"  in  a  chain  is  your  lowest  standard    

Ø  You  have  no  idea  where  your  data  is  at  any  point  in  Ime  today  

Ø  Data  o?en  not  be  wiped  a?er  analysis,  previous  years  versions  may  sIll  be  around  in  a  data  center?  

The  future  you  may  have  to  be  ISO  compliant  before  receiving  a  submission  from  your  clients!!  

Key  Security  Points   Secure  

ü  Have not yet identified any client today with an ISO Cert

GUIDING PRINCIPLES

Security

Network Security

Encryption

Identity and Access

Management

System Hardening

Business Continuity

Hardened Tier III Data

Centers

Stringent Change

Management

Auditable Logging

Certifications & Compliance

Comprehensive &

Multi-layered

Guiding  Principles    

ü  Rapid Deployment of Virtual Machines

ü  Rapid Patch Deployment ü  Automated Provisioning ü  Automated Elastic

Compute

Control

Control

Server,  ApplicaDon  &  Network  Monitoring,  Performance  and  AlerDng  Pla]orm  

Apica -

3rd  party  system  for  syntheDc  user  tesDng  of  availability  and  performance  

RMS  Cloud  Team  53  and  growing  

Dedicated  NOC/SOC  24x365  

Managed  Servers,  Network  &  Physical  Managed  O/S  Support  Maybe  managed  ApplicaDon(s)      

A  cloud-­‐delivered  enterprise  wide  risk  management  pla]orm  delivered  as  a  So^ware  as  Service    

We  have  been  hosDng  RL  on  the  cloud  for  clients  for  the  last  4  years  Similar  challenges  exist  as  on-­‐premise:    

Ø  No  3rd    party  models  or  3rd  party  applicaDons  Ø  No  elasDcity  &  No  data  secure  data  exchange  

Their  cloud  guy  from  their  best  performing  division  

The  Forbes  Global  2000  is  an  annual  ranking  of  the  top  2000  public  companies  in  the  world  by  Forbes  magazine,  based  on  a  mix  of  four  metrics:  sales,  profit,  assets  

and  market  value.  

Our  Guiding  Principles  for  the  RMS(cloud)  -­‐  Review  

Predictable Performance Highly Available Elastic

Control

Secure