Case Study
Instinet’s Secure Migration to AWS: The “Landing Zone” Initiative
Instinet’s Migration to AWS helps modernize legacy infrastructure, improve operational efficiency, meet security demands, and scaling business volumes.
Executive Summary
The speed, scale, and complexity of the global capital markets business continue to accelerate. As a global agency-model brokerage that delivers tech-enabled services spanning the trading life cycle, Instinet needed to improve technology operational efficiency and capacity in order to stay in front of its clients’ needs. Instinet made a strategic decision to innovate quickly and to decisively expand capacity, functionality, “fluidity,” and nimbleness. They engaged Ness to enable and facilitate a secure migration to AWS, beginning with building out an AWS Landing Zone.
About Instinet
Instinet provides technologically advanced, agency-model brokerage services to institutional clients worldwide and is the wholly owned execution services arm of Nomura Group. They help institutional investors create, protect and capture alpha, reduce complexity, and lower overall trading costs to ultimately improve investment performance.
Instinet seeks to add value across the investment life cycle, providing:
- Market Insights
- Trading Services
- Liquidity Venues
- Workflow Solutions
The Challenge
- Instinet’s traditional on-premise infrastructure and data architecture struggled to scale to the volume of business that it currently sees and forecasts in the future, creating potential risks for the customer experience and forestalling innovation and the introduction of new services.
- Instinet had amassed huge volumes of data over its history, creating an operational and capital-expenditure burden. Continuously scaling up to the volume of data and processing requirements involved throwing more hardware at the problem to deal with spikes in peak demands. As a result, its ability to fully integrate this big data was being constrained.
- As a major financial player and a subsidiary of global Nomura Group, Instinet has understandably rigorous and demanding security requirements for its organization and infrastructure.
Why AWS
When Instinet decided to analyze external cloud providers, the firm focused on identifying a resource that would not only keep it compliant with a host of evolving global regulatory requirements but also deliver the ongoing low-latency integration, scalability, and information security that it and its clients need. AWS created the Financial Services Competency in order to specifically address the unique workflows, resiliency, security, and services that a firm like Instinet needs. AWS’s depth and breadth in the industry and its ability to customize to Instinet’s workflows made a compelling case for the efficiencies gained by moving certain components off premises and establishing a flexible and stable, cloud-enabled relationship with them.
Why Instinet Chose Ness
Instinet engaged Ness to facilitate its cloud migration because of Ness’ extensive experience working with AWS and its expertise within the financial services industry. Ness’ reputation for successfully delivering mission-critical projects to capital markets businesses made it an excellent match for Instinet.
The Solution
Ness worked with Instinet to understand the specific security requirements, the unique needs of the organization, and the intricacies of their global network to design and build a secure, cross-organization AWS environment that included:
Multi-Account Architecture
- Identity and Access Management
- Governance
- Data Security
- Network Design
- Logging
Additionally, Ness built a pipeline for Instinet to facilitate the deployment of new accounts, new policies, and new environments by leveraging the best practices of DevOps and automation. All of the infrastructure and user requirements are defined using CloudFormation templates and parameterized to facilitate easily reproducible and consistent instantiation of future artifacts. Based on the AWS Landing Zone, Ness implemented extensive custom policies to meet Instinet’s security and compliance requirements.
Results and Benefits
By partnering with Ness, Instinet was able to create a secure AWS environment with necessary guardrails to facilitate the successful migration of key elements of its business to AWS. In addition, Ness helped the organization augment DevOps best practices to ensure the optimal utilization of its cloud environment as it moves forward. Instinet now has an account “vending machine” to create, within minutes, new environments for isolating groups and activities, each with a base of required security policies that can be customized for special needs.
Utilizing the cloud in this way has accelerated the Instinet development team’s ability to focus on innovating and deploying new products that leverage their vast amount of historic data. The Landing Zone built by Ness is the foundation for a Data Lake being constructed in AWS that will enable Instinet to seamlessly integrate its historic data into the trading life cycle. With AWS, Instinet can scale as needed for a variety of AI/ML applications, providing the firm with the capacity for real-time deep learning and the heuristic optimization of its clients’ order-management and analytics processes.