HUB International is a leading North American insurance brokerage that provides a variety of employee benefits, business, and personal insurance products. Part of HUB’s business model includes acquiring and integrating other brokerages.
Since HUB’s inception in 1998, they have acquired over 475 brokerages. Due to these acquisitions and integrations, HUB experienced complex infrastructure sprawl and needed to consolidate their data centers and increase their overall operational agility.
HUB wanted to build a proof of concept environment to gain a better understanding of how they could leverage AWS to reduce costs and increase security. AHEAD’s experts consulted with HUB to build this environment. The process consisted of:
1. Architecture Design and Development
AHEAD conducted a collaborative design workshop to develop a desired state architecture design. Based on that meeting, AHEAD created a new cloud infrastructure design for HUB’s applications, with guidance from the AWS Well-Architected Framework.
HUB received a high-level operations guide that covered operational changes for managing cloud infrastructure, the tools being leveraged, configuration specifications, and monitoring.
2. Application Migration Planning
AHEAD collaborated with HUB to figure out how HUB planned to migrate everything to AWS while consolidating their data centers. AHEAD facilitated a planning session to validate key information.
During this session, the teams mapped application components to AWS services and defined networking requirements. Virtual private clouds (VPCs) were targeted for application-specific configurations. IAM requirements were defined and custom password and permission policies were established. AHEAD and HUB validated the plan using AWS and AHEAD best practices.
3. POC Deployment for AWS Infrastructure
AHEAD deployed the AWS infrastructure and worked with HUB to configure the environment. CloudTrail configured account security. CloudFormation templates were created for all infrastructure components including: VPC, IAM, and application deployment. AHEAD implemented a tagging strategy and transferred all of this knowledge to the HUB team.
4. Application Migration Assistance
AHEAD provided guidance and assistance to the HUB team while they migrated applications into the AWS environment.
5. Image Factory
AHEAD assisted HUB in the building of an image factory which is an automated solution to updating system images across multiple accounts and regions. The image factory manages system configurations and patch baselines through code and distribute the images across multiple AWS accounts and regions.
By the end of 2018, HUB migrated over 380 VM’s to AWS. They also eliminated over 800 VMs, freeing up their data center capacity and optimizing their data center footprint.
In addition to the migration, HUB implemented a multi-faceted security program. Data identification helps HUB master their data. Advanced threat detection provides an understanding of existing and future threats. Web and email security implementations protect their end users from external threats. Their 24/7 security operations monitor their environments. Lastly, their GRC program increases security of their sensitive data. You might have caught HUB’s security team speaking about their process at re:Invent 2018.
HUB’s new environment follows best practices, incorporates business policies and corporate governance, is measurable for showback/chargeback, and is easily auditable. HUB is positioned to more quickly expand into new markets and acquire available assets that offer a competitive advantage.