Ness Conducts Well-Architected Review at jaccomo

Case Study

Ness Conducts Well-Architected Review at jaccomo

Executive Summary

Ness was engaged by jaccomo to conduct an AWS Well-Architected Review  (WAR) of the software company’s AWS disaster-recovery environment. The WAR revealed areas for improvement related to security and operational excellence. Ness worked closely with jaccomo to remediate the findings of the WAR using minimally invasive additions and out-of-the-box configurations. In less than a week, Ness strengthened jaccomo’s overall business posture as it prepares to expand its use of AWS infrastructure and services.

About jaccomo

Founded in 2002, jaccomo provides operations, compliance, financial-reporting, e-form, and workflow capabilities to financial services companies. The company’s proprietary Back and Front Office software provides a secure, scalable, and automated platform to integrate data, automate business processes, and provide analytics to senior management. jaccomo’s clients include institutional broker-dealers, registered investment advisors, banks and retail companies.

The Challenge

jaccomo’s continued growth requires high availability to meet the growing needs of its clients. The company currently runs its workload in a colocation data center with a disaster-recovery environment in AWS. Accordingly, jaccomo required that improvements to its disaster-recovery environment would involve minimum manual intervention and would need to be aligned with its existing on-prem security posture.

Why AWS

The AWS Well-Architected Framework provides cloud architects with a consistent approach for building secure, high-performing, resilient, and efficient infrastructure for applications. A WAR assesses an application across five pillars—Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization—and provides a path to improvement or remediation. WARs are often provided to clients free of charge by AWS Well-Architected Partners.

Why jaccomo Chose Ness

Ness is an AWS Advanced Consulting Partner with Financial Services, Migration, and DevOps Competencies. The firm combines business domain knowledge, technical expertise, and an Agile delivery process to address the unique challenges of financial services businesses. A member of the AWS Well-Architected Partner Program, Ness was the ideal partner to evaluate and improve jaccomo’s AWS environment.

The Solution

Nss worked jointly with jaccomo to address specific security and expected functionality concerns. Specific resources received enhanced security using AWS-native functionality to encrypt and restrict permissions.

  • AWS Control Tower was implemented to provide central management of multi-account setups, in anticipation of an expansion of jaccomo’s AWS usage.
  • AWS SSO was implemented to provide central user management and a mechanism for providing expirable user credentials (instead of manually managed IAM users/access keys).
  • Security groups were reviewed and tightened to reduce potential attacks.
  • EC2 IAM roles were used to eliminate the need for “service user” IAM user accounts (and the resulting access keys, which were a potential security vulnerability).
  • Amazon EBS volumes were set up to use Amazon KMS encryption by default.
  • Existing AWS CloudWatch infrastructure monitoring was enhanced.

Results and Benefits

Ness leveraged its AWS expertise and deep knowledge of financial services businesses to deliver the solution on time and on budget. Ness provided invaluable strategy and insight into our mission-critical systems,” said Robert McGill, CEO at jaccomo. “Their team helped us implement AWS best practices, allowing us to shore up our disaster recovery strategy.”