DevOps and Automation on AWS in a highly regulated environment

Seisma is a consulting and technical program management firm specialising in complex, regulated information technology projects at scale in the financial services sector. CMD Solutions is a specialist AWS professional services company with a focus on utilising automation and security-first approaches to affect transformation.

The two companies joined forces to undertake a fully automated cloud migration journey with one of Australia’s largest financial institutions; a provider of investment, superannuation and financial advice and services.

Seisma was engaged to assess and orchestrate the exit of two Sydney based data centres. The success of this initiative required the transformation, migration and decommissioning of 53 applications, of which 16 were identified as suitable for transformation and migration to AWS. Seisma know that whilst benefit can be gained by simply rehosting in AWS, significant delivery gains can be achieved by harnessing capability introduced by automation. Seisma and CMD worked together to introduce and build an automation capability for our client; the teams established repeatable automation patterns in the cloud environment.

The migration of workloads to public cloud is highly regulated within financial services, requiring exacting technical and regulatory standards which Seisma have significant experience in delivering.

Leveraging their respective strengths, the teams worked together to ensure a positive client outcome. Seisma led the project shaping and mobilisation activities (application assessment and development of the business case for AWS migrations), as well as managed the project’s delivery timeline, whilst adhering to the bank’s enterprise control standards. CMD focused on the technical AWS components whilst upskilling our client’s asset team, enabling ongoing self-sufficiency upon completion of the project.

‍

Key Points

• Successfully migrated 16 complex applications to AWS for our client via the Seisma and CMD partnership, including the navigation of material workload approvals with APRA (Australian Prudential Regulation Authority).
• Involved the establishment of DevOps Framework CI/CD.
• Ensured consistency, best practices, efficiencies of scale and speed for our client via the collaboration between CMD and Seisma.
• Drove the assessment, business case, technical and operational program management for our client to ensure delivery against timeframe and budget and ensured delivery of industry leading, secure automated AWS environments.

‍

Approach

To design, build and implement a standardised automation and DevOps capability. The CMD team implemented a consumable automation framework creating client centric infrastructure as-code scripts to automate the build of AWS native infrastructure. Further enhancement was delivered with the implementation of automated data masking safeguarding sensitive data for use in non-production environments. The engagement outcome was the ability to streamline the end to end deployment of infrastructure and application in a matter of hours compared to weeks.

Our client is an APRA regulated company meaning that throughout the delivery stringent adherence to governance protocols was required. The adoption of public cloud required the ability to flex and accommodate evolving inbuilt security compliance standards provided via our clients cyber security assessment and management (CSAM).

The introduction of a DevOps model enabled self-service capabilities, delivered reproducible and deployable pipelines to facilitate Continuous Integration/Continuous Delivery. This boosted speed when deploying enhancements to infrastructure and application environments.

Features such as integrated operational-ready monitoring, dashboarding and enhanced disaster recovery and backup de-risked previous constraints while improving security through compliance with regulated security controls.

“It was challenging to introduce automation and continuous integration processes given the age and nature of some of the enterprise applications we were dealing with,” said CMD CEO Andre Morgan. “However, we don’t shy away from complex migrations; in fact, we excel at applying standardisation principles to provide a more manageable and secure deployment process that align with enterprise standards.”

Though the project wasn’t large in size, it was big in complexity presenting an opportunity to take a novel approach, according to Seisma director Mark Kavanagh.

“From the outset, the combined team of CMD, Seisma and our client got into a rhythm and we got an excellent outcome, ”Kavanagh says. “The approach we were taking was one of quality and commitment even when it got quite tricky, and that made people comfortable and motivated to continue.”

‍

Solutions and Benefits

• Self-Enablement: The ability to self-deploy end to end environments in hours rather than weeks when relying on outsourced System Integrators. DevOps capability implemented ensured the creation of robust automated test and release processes with significant focus around regression.
• Improved Resilience and Disaster Recovery: Increased protection and availability of core services by removing single points of failure and introduction of automatically scalable platforms. Duration of formal Disaster Recovery failover scenarios reduced from approximately 10 to 16 hours (workload dependent) to approximately 1 to 2 hours.
• Service Improvement: The automated environment build minimised the number of touchpoints which directly led to are duction in the potential for introduced issues due to human error.

‍

Outcomes

From a technical perspective, this project facilitated the establishment of a modern cloud platform and operating model using DevOps practises and toolsets. By simplifying and speeding up application upgrades and management, our client minimised downtime for users and lowered the cost of change to key business applications

The joint forces from CMD, Seisma and our client took a consistent approach across all applications being migrated, with the added benefit of technical and project delivery uplift across the entire project team.

By automating and migrating legacy infrastructure, applications - and unknown and undocumented configurations - from the ground up onto AWS, environments are able to be ‘spun-up’ on demand in substantially less time than before, rendering the environment more agile and responsive for the business and its services to customers.

Combining skilled teams in both project management and specialist cloud automation ensured adherence to best practice, industry regulations and a standardised approach for the entire cloud migration to AWS from the existing infrastructure.

The migration project was delivered on time and without downtime and provides an automated environment that is secure and scalable for our client developers to support core enterprise operations into the future.