Case Studies

Validus

RISK ASSESSMENT AND AUDIT
Risk register, managed backup and cost optimisation. Validus is a leading independent advisor on fund finance solutions and market risks such as FX, interest rates, commodities, and more.

The Challenge

Validus has experienced significant growth, and its AWS use has also grown over time, which meant the time was right to get back to basics and check the fundamentals.
Having previously worked with Rebura, Validus engaged us to do a deep-dive into the account to look at any security concerns and improvements to the infrastructure.
As with any fast-growing business, it can be difficult to bring in enough resource, so Validus needed our help quickly. After an initial conversation, we started the risk register the following day and delivered results a week later.
Alongside this, Validus also highlighted that it had no cloud management or cost optimisation process in place. We introduced their team to our free cost optimisation offering and Validus immediately joined, making significant savings from the outset.

The Solution

Rebura recommended and carried out a risk assessment and audit which covered a variety of fundamentals, including:
  • Access management and account setup
  • Analysis of security groups, password policies, access keys, IAM access, root account usage
  • Documentation of application flows and dependencies
  • Monitoring and encryption
  • Technology audits
Rebura also engaged in discussions around Validus’ longer-term strategy, which helped inform our recommendations for the business. Rebura produced detailed documentation, including:
  • Risk register - using a traffic light-based system based on scores for likelihood, severity, and impact of issues
  • Audit documentation – an in-depth look at the key findings, recommendations, and future plans.
“From this we have been able to enhance our product offerings and security for our clients, and in the process make significant cost savings in the region of 25% that we have been able to reinvest into new projects and products.”

The Results

Validus was able to undertake some of the work in-house, and then Rebura addressed the remaining issues, which included:
  • Implementing a new backup solution – utilising Druva Cloudranger
  • Encrypted volumes on EBS
  • Encryption on RDS
  • Stopped usage of the Root Account and enabled MFA on it
  • Forced all users to implement MFA
  • Set up a strong password policy
  • Reworked resources being on public subnets
As a result, the Validus infrastructure is significantly more secure, and an on-going cost optimisation programme is now in place to improve efficiency overall. Crucially, the team is better equipped to successfully scale at pace to meet their business needs and future growth plans.
Ross Humphrey, Development Team Lead at Validus, explained: “Given a tight deadline, Rebura were able to quickly complete a risk register for our organization within a very short time frame. They were then able to help quickly remediate high priority items and work with us on making our operating environment more secure, offering us further areas of improvement to consider.”
Dive deeper into your cloud architecture and make sure you’re getting the best performance across every facet of your AWS account.