Case Study

Validus is a leading independent advisor on fund finance solutions and market risks such as FX, interest rates, commodities, and more.

The challenge

Validus has experienced significant growth, and its AWS use has also grown over time, which meant the time was right to get back to basics and check the fundamentals.

Having previously worked with Rebura, Validus engaged us to do a deep-dive into the account to look at any security concerns and improvements to the infrastructure.

As with any fast-growing business, it can be difficult to bring in enough resource, so Validus needed our help quickly. After an initial conversation, we started the risk register the following day and delivered results a week later.

Alongside this, Validus also highlighted that it had no cloud management or cost optimisation process in place. We introduced their team to our free cost optimisation offering and Validus immediately joined, making significant savings from the outset.

The solution

Rebura recommended and carried out a risk assessment and audit which covered a variety of fundamentals, including:

• Access management and account setup
• Analysis of security groups, password policies, access keys, IAM access, root account usage
• Documentation of application flows and dependencies
• Monitoring and encryption
• Technology audits

Rebura also engaged in discussions around Validus’ longer-term strategy, which helped inform our recommendations for the business. Rebura produced detailed documentation, including:

• Risk register - using a traffic light-based system based on scores for likelihood, severity, and impact of issues
• Audit documentation – an in-depth look at the key findings, recommendations, and future plans

The results

Validus was able to undertake some of the work in-house, and then Rebura addressed the remaining issues, which included:

• Implementing a new backup solution – utilising Druva Cloudranger
• Encrypted volumes on EBS
• Encryption on RDS
• Stopped usage of the Root Account and enabled MFA on it
• Forced all users to implement MFA
• Set up a strong password policy
• Reworked resources being on public subnets

As a result, the Validus infrastructure is significantly more secure, and an on-going cost optimisation programme is now in place to improve efficiency overall. Crucially, the team is better equipped to successfully scale at pace to meet their business needs and future growth plans.