Upload
rms
View
711
Download
0
Embed Size (px)
DESCRIPTION
Paris Georgallis of RMS speaks about the RMS cloud strategy and deployment, ahead of the launch of RMS(one). This was presented to the attendees of the RAA Cat Modeling conference in Orlando, 2014.
Citation preview
Confidential ©2014 Risk Management Solutions, Inc.
RMS Cloud
Paris Georgallis SVP Platform Operations
Status: Strategy & Deployment
Confidential ©2014 Risk Management Solutions, Inc.
TOPICS
What is the RMS(cloud)? Our cloud strategy How did we build it? Our guiding principles
Our Guiding Principles for the RMS(cloud)
Predictable Performance Highly Available Elastic
Control
Secure
Buy/Rent what you can. Build what you must.
Leverage allies and partners.
How We Built The RMS Cloud
Talented Human Capital Hire
Hardened Tier III Data Centers Rent
ElasDc Compute Capacity Rent
Enterprise Grade infrastructure components with high SLA Buy
Wide Area Networking, Add On Services, Support Buy
Specialized Purpose-‐built Architecture Build
24x365 InformaDon Security & Network OperaDons Center Build
Tier III Hardened Datacenters
DR & BC Iceland
Production Canada
Production England
Cloud Deployment Under RMS Management
Predictable Performance
Guiding Principles
High Performance
Fast Storage Area Network
portfolio
GUIDING PRINCIPLES
Enterprise Grade
Guiding Principles
Highly Available
Ø Robust enterprise grade Infrastructure Deployed
Ø EMC, CISCO, IBM, Palo Alto Networks, VMware
Ø AcDve/AcDve, N+N, N+1 architecture
Ø Local Backup
Ø Local Snapshots
Ø Dedicated D/R Site
Ø AcDve IPS/IDS Systems
Ø AlerDng/Monitoring
Ø OperaDonal Intelligence gathering
High Availability GUIDING PRINCIPLES
• Robust enterprise grade infrastructure
• AcDve/AcDve, N+N, N+1 architecture
• Fast vendor SLAs
• Local Backup
• Dedicated DR site for BC
• AcDve IDPS
• Monitoring & AlerDng
• OperaDonal intelligence
Guiding Principles
Elastic
ELASTICITY
RMS Cloud Security
Perimeter
Guiding Principles Elastic
Elastic Capacity
Base Compute Elastic Compute
RMS Cloud Security Perimeter
GUIDING PRINCIPLES
Elastic
Guiding Principles Secure Ensuring Data Security and Privacy Compliance
Restricted personnel access § Biometric multi-factor authentication for physical access control
All persistent storage within a dedicated security perimeter
Isolation of client data § Clients never have direct access to the data warehouse § Private schemas and collections ensure privacy
Data security § FIPS 140-2 compliant encryption at rest § HTTPs/SSL/TLS encryption during transit § On-site destruction (shredding) of failed storage devices
Continuous backups & Datacenter Disaster Recovery
ü Clients own their data ü Client data is private &
secure ü Physical storage is owned,
managed, and secured by RMS24x7 monitoring & analytics
ü Periodic penetration and vulnerability assessments
ü Periodic audits; internal and external third party
ü Executive Level Governance/Security Council
ü Current Industry workflow
& challenges
Ø Data transfers data by ?p/ email / USB drives -‐ Ø the "weakest link" in a chain is your lowest standard
Ø You have no idea where your data is at any point in Ime today
Ø Data o?en not be wiped a?er analysis, previous years versions may sIll be around in a data center?
The future you may have to be ISO compliant before receiving a submission from your clients!!
Key Security Points Secure
ü Have not yet identified any client today with an ISO Cert
GUIDING PRINCIPLES
Security
Network Security
Encryption
Identity and Access
Management
System Hardening
Business Continuity
Hardened Tier III Data
Centers
Stringent Change
Management
Auditable Logging
Certifications & Compliance
Comprehensive &
Multi-layered
Guiding Principles
ü Rapid Deployment of Virtual Machines
ü Rapid Patch Deployment ü Automated Provisioning ü Automated Elastic
Compute
Control
Control
Server, ApplicaDon & Network Monitoring, Performance and AlerDng Pla]orm
Apica -
3rd party system for syntheDc user tesDng of availability and performance
RMS Cloud Team 53 and growing
Dedicated NOC/SOC 24x365
Managed Servers, Network & Physical Managed O/S Support Maybe managed ApplicaDon(s)
A cloud-‐delivered enterprise wide risk management pla]orm delivered as a So^ware as Service
We have been hosDng RL on the cloud for clients for the last 4 years Similar challenges exist as on-‐premise:
Ø No 3rd party models or 3rd party applicaDons Ø No elasDcity & No data secure data exchange
Their cloud guy from their best performing division
The Forbes Global 2000 is an annual ranking of the top 2000 public companies in the world by Forbes magazine, based on a mix of four metrics: sales, profit, assets
and market value.
Our Guiding Principles for the RMS(cloud) -‐ Review
Predictable Performance Highly Available Elastic
Control
Secure