Expert Thinking supports a UK building society go-live with its mobile banking application on AWS. Working with our customer and the third-party mobile application development team, we designed and implemented a greenfield AWS IaaS-PaaS converged environment that met internal and regulatory security and compliance standards, using full automation of the environment provisioning to serve non-production and production on-demand.
PROBLEM & IMPACT
Our customer needed a trusted advisor to design and build the AWS environment, assuring not only the cloud platform but also an independent, expert view of the third-party mobile application design, build and deployment. The team needed to deal with:
- Speed of design and implementation – the platform design needed to be completed within a week and the implementation to follow an aggressive delivery timeline
- Limited understanding of cloud design concepts – the platform design was driven by the application design, and the application design was itself using legacy concepts
- Internal and regulatory security and compliance requirements needed to be met, and were audited by an external third-party
- Limited knowledge or experience using AWS – the internal teams needed hand-holding and upskilling throughout to be able to take ownership of and support the AWS environment moving forwards
- Governance and control of change to environments – consistency and stability of environments is paramount
The AWS solution design provided several layers of security, ensuring perimeter security, data security and access control were tightly defined and controlled. Technical, process and data security practices were implemented to provide end-to-end security of the environment from both a build and operational governance perspective.
The AWS platform design followed a standard proprietary pattern used by Expert Thinking for financial services companies tailored to meet the specific needs of the third-party mobile application.
Provisioning of environments was fully automated using Hashicorp Terraform to assure consistency across non-production and production ensuring no defects or inconsistencies could be introduced through manual intervention, and provide confidence of production stability through deployment rehearsals in non-production.
Throughout, Expert Thinking worked closely with the third-party application development team to ensure the requirements of the application platform were met, and provide an independent, expert view to how the application design may be adjusted to align with cloud design concepts.
The solution delivered met all the stated goals, in good time and passing the external independent audits, penetration tests, etc.
We successfully delivered a secure, compliant, performant, auto-scaling, cost-optimised AWS cloud platform that meets all internal and external regulatory requirements. Our involvement meant that our customer avoided many of the pitfalls inexperienced teams often fall foul of when developing cloud solutions for the first time – evidenced by the delivery of an initial environment within two weeks and the success of our customer’s mobile application.