Achieving agility with control in

Financial Services

Richard Ainley – AWS Solutions Architect

Who is using AWS?

Capital MarketsAsset Managers

Broker-Dealers

Clearing Agencies

Exchange/Market Centers

Financial Planners

Investment Advisors

Investment Banks

Investment Managers

Prime Brokerage

Private Equity/Venture Capital

Proprietary Trading

Regulatory Agencies

REITs

Universal Banks

Venture Capital

Wealth Management

Commercial Banking/PaymentsBanking Services

Bitcoin

Card Services

Check Processing

Collections

Commercial Banks

Consumer Credit

Core Banking Platforms

Credit Agencies

Credit Unions

Lending

Loan Servicing

Micro Finance

Mobile Payments

Payment Services

Payments Platforms

Retail Banks

Industry Service ProvidersAnalytics Platforms

Anti-Money Laundering

ATM Networks

Capital Markets InfrastructureData Management Solutions

Financial Information

Lending Technology

Market Data

Risk Management/ComplianceTrading Technology

InsuranceInsurance Collections

Life Insurance

Property & Casual

Reinsurance

Trusted by FSI Across All Market Segments

Startup Customers

Meerkat

Enterprise Customers

Why FS customers choose AWS

Trade CapEx for OpEx Low ongoing cost Global Reach

S

Focus on Security & Enabling Compliance

AWS provides the same, familiar approaches to security and compliance that companies

have been using for decades – with increased visibility, control, and auditability.

Visibility

View your entire infrastructure with one

click

Deep insight with

AWS CloudTrail

Control

You have sole authority on where

data is stored

Shared responsibility

model

Auditability

3rd party validation – certifications for workloads that matter

“Based on our experience, I believe that we

can be even more secure in the AWS cloud

than in our own data centers.”

Tom Soderstrom, CTO, NASA JPL

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

The Forrester Wave™: Public Cloud Platform Service Providers' Security, Q4 2014

Trade CapEx for OpEx

No need to guess

capacity

Trade CapEx for OpEx Low ongoing cost Global Reach

S

?

St. James’s Place

• FCA Regulated

• FTSE 100

• 85% of Apps on AWS

• Double capacity in peak tax season

• Greater availability and reliability

E.g. Planning for Peak Tax Season Traffic

January

Provisioned capacity

January

E.g. Planning for Peak Tax Season Traffic

76%

24%

Provisioned capacity

January

E.g. Planning for Peak Tax Season Traffic

E.g. Planning for Peak Tax Season Traffic

NovemberJanuary

Focus on business

Trade CapEx for OpEx

No need to guess

capacity

Trade CapEx for OpEx Low ongoing cost Global Reach

S

?

TECHNICAL &

BUSINESS

SUPPORT

Account Management

Support

Prof essional Serv ices

Solutions Architects

Training & Certification

Security & Pricing

Reports

Partner Ecosystem

AWS

MARKETPLACE

Backup

Big Data& HPC

Business Apps

Databases

Dev elopment

IndustrySolutions

Security

MANAGEMEN T

TOOLS

Queuing

Notifications

Search

Orchestration

Email

ENTERPRISE

APPS

VirtualDesktops

StorageGateway

Sharing &Collaboration

Email &Calendaring

Directories

HYBRID CLOUD

MANAGEMEN T

Backups

Deployment

DirectConnect

IdentityFederation

IntegratedManagement

SECURITY &

MANAGEMEN T

Virtual PrivateNetworks

Identity &Access

Encry ptionKey s

Conf iguration Monitoring Dedicated

INFRASTRUCTURE

SERVICES

RegionsAv ailabilityZones

Compute StorageDatabasesSQL, NoSQL, Caching

CDNNetworking

PLATFORM

SERVICES

App

Mobile & Web

Front-end

Functions

Identity

Data Store

Real-time

Development

Containers

SourceCode

BuildTools

Deployment

Dev Ops

Mobile

Sy nc

Identity

PushNotifications

MobileAnaly tics

MobileBackend

Analytics

DataWarehousing

Hadoop

Streaming

DataPipelines

MachineLearning

Deploy

http://aws.amazon.com/resources/analyst-reports/

Benchmarking Availability and Reliability in the Cloud:

“Analysts found customers were able to reduce

unplanned downtime by 32 percent and reduce planned

downtime by 29 percent.”

RSA CIO cuts 75%

costs

+

Improves agility and

reliability

http://www.cio.co.uk/news/cloud-computing/rsa-cio-cuts-75-from-costs-with-aws-3601262/

Speed and Agility

Speed, agility and

innovation

Focus on business

Trade CapEx for OpEx

No need to guess

capacity

Trade CapEx for OpEx Low ongoing cost Global Reach

S

?

Speed and agility

Infrastructure in minutes not weeks

Number of Instances 1,000

Instance Type M3 Extra Large

Availability Zone US-West-2b

Launch

aws. am azon.com/management console

AWS:

Infrastructure in MinutesOld World:

Infrastructure in Weeks

Add New Dev Environment

Add New Prod Environment

Add New Environment in Japan

Add 1,000 Servers

Remove 1,000 Servers

Deploy 1 PB Data Warehouse

Shut down 1 PB Data Warehouse

Speed and agility

Infrastructure in minutes not weeks

Evolving our network

topology, scaling across the globe, and deploying new

services are never more than

a few actions away

By using AWS, Simple can

automate processes that once took months

Our main corporate database

system is now recoverable in under an hour, where

previously it used to take us

around 48 hours to recover from tape backup

On-Premises

Experiment Infrequently

Failure is expensive

Less Innovation

Experiment Often

Fail quickly at a low cost

More Innovation

$ Millions

Nearly $0

Speed and agility

A culture of innovation

Why is agility important to FS?

US Health

Insurance

Credit

Bureaus

“Technology is transforming banking and innovation is

one of Deutsche Bank’s core values. These labs will act

as a bridge between start-ups and different parts of the

Bank, enabling it to apply innovative technology to

enhance service to clients and internal processes.”

Henry Ritchotte

Chief Operating Officer and Chief Digital Officer of Deutsche Bank

https://www.db.com/medien/en/content/5060_5196.htm

Why is agility important to FS?

Adopt a different perspective

“Our busiest branch in 2014 is the 7:01 from Reading to Paddington - over 167,000 of our customers use our Mobile Banking app between 7am and 8am on their commute to work every day. Over 2.1 million customers use our mobile app every week.”

Ross McEwan

CEO

Royal Bank of Scotland

http://www.bbc.com/news/business-your-money-26365616

What about deployment models?

CONTINUOUS

DELIVERYSMALL, FREQUENT CHANGES

Cloud software development lifecycle

MonitorProvisionDeployTestBuildCode

AWS Elastic Beanstalk

AWS OpsWorks

CloudWatchCloudFormationAWS

CodeDeploy

AWS

CodeCommit

AWS

CodePipeline

Automation and configuration management

Declarative Approach to:– Provisioning

– Configuration

– Orchestration

– Reporting

Elastic

Beanstalk

CloudFormation

OpsWorks

Continuous Integration / Continuous Delivery

• Help prove code quality and function repeatedly with predefined results

• Lots of options; self hosted, open source, closed source, and SaaS

• Monitoring, testing, validation

• Plugins

What is DevOps?

« DevOps is the practice of operations and

development engineers participating together in

the entire service lifecycle, from design through

the development process to production support »

- theagileadmin.com

11.6s

Average time

between

deployments

(weekday)

1,079

Max number of

deployments in

a single hour

(or approx

every 3

seconds)10,000

Average number

of instances

simultaneously

receiving a

deployment

Taking our own medicine :

the ‘amazon.com’ caseDevOps

Set up small teams

Each team is truly cross-functional

Product Owner, Developer, Tester, Operations, BA / QA

A software development method that stresses

collaboration and

integration between Development

& Operations, often using Agile techniques such as Scrum & Kanban

Code

Build

Test

Deploy

Provision

Monitor

Change.ppt

• People

• Process

• Technology

People & Teams

Small teams

Cross functionalPurpose

OwnershipAutonomy

Trust

Technical freedom

Strong technically

Ability to learn

Process

Budget & Capacity Mgt

Old vs NewIT OperationsTeam self

service

Process

Deployments

NOC

Coordinating

Teams:

- Development

- Deployment

- Release

- Operations

Old vs New

Technology

Automate

Infrastructure as code

Test everythingVisibility through tooling

Measure & monitor

everything

Process

Security

Operational

function

Governance

functionOld vs New

Agility vs Control

Goal: Agility + Control

Agility vs Control

Central

Services

Team

Enforces

Governance & Policy

AWS

Agility vs Control

Central

Services

Enforces

Governance & Policy

AWS

Infrastructure

Request

Team

Agility vs Control

Central

Services

Enforces

Governance & Policy

AWS

Infrastructure

Request

Team

Agility + Control

Central

Services

AWS

Policy, tools

Best Practices

Infrastructure

RequestMonitoring

Team

Visibility, Auditability, Control

Focus on Security & Enabling Compliance

“Based on our experience, I believe that we can be even more secure in the AWS cloud than in our

own data centers.” – Tom Soderstrom, CTO, NASA JPL

AWS provides the same, familiar approaches to security and compliance that companies

have been using for decades – with increased visibility, control, and auditability.

Visibility

View your entire infrastructure with one

click

Deep insight with

AWS CloudTrail

Control

You have sole authority on where

data is stored

Shared responsibility

model

Auditability

3rd party validation – certifications for workloads that matter

VISIBILITY

HOW OFTEN DO YOU MAP YOUR NETWORK?

WHAT’S IN YOUR ENVIRONMENT

RIGHT NOW?

Cloud Computing

You are making

API calls...On a growing set of

services around the world…

AWS CloudTrail

is continuously recording API

calls…

And delivering

log files to you

AWS CLOUDTRAIL

RedshiftAWS CloudFormation

AWS Elastic Beanstalk

AUDITABILITY

Continuous ChangeRecordingChanging

Resources

AWS Config

History

Stream

Snapshot (ex. 2014-11-05)

AWS Config

AWS Config

Use Cases

Security Analysis Audit Compliance

Change Management Troubleshooting

CONTROL

First class security and compliance

starts (but doesn’t end!) with encryption

Automatic encryption with managed keys

Bring your own keys

Dedicated hardware security modules

AWS Foundation Services

Compute Storage Database Networking

AWS Global Infrastructure Regions

Availability Zones

Edge Locations

Client-side Data Encryption

Server-side Data Encryption

Network Traffic Protection

Platform, Applications, Identity & Access Management

Operating System, Network, & Firewall Configuration

Customer applications & contentC

ust

om

ers

Security & compliance is a shared responsibility

Customers have

their choice of

security

configurations IN

the Cloud

AWS is

responsible for

the security OF

the Cloud

LONDON