Cloud transformation at Euler Hermes

As the insurance industry grows more complex and fast-paced, learn why we are taking a cloud-first approach and how it makes life easier for our customers.
Euler Hermes Cloud transformation journey video

 

Audio script

At Euler Hermes, our IT systems monitor the economic activity of more than 83 million companies worldwide, and process on average 21,700 credit limit requests every day.

Each request receives a decision to grant or decline - and we deliver that decision in less than 400ms. That’s an incredible number of speedy customer and partner interactions. As the insurance industry grows more complex and fast-paced, how do we make life easier for our customers?

Simple: by being agile and having the ability to scale whilst maintaining performance.

Forget the classic infrastructure model. It’s time for a Cloud-first approach. And this is how we do it.

We design new applications to be cloud native and opt for refactoring rather than lift and shift.

This transformation therefore impacts the whole infrastructure. An important shift is Infrastructure as Code, which enables faster and easier implementations.

Infrastructure As Code also exploits serverless platforms - improving elasticity, resilience and security. The advantages of this Infrastructure transformation are clear - stability and performance of applications hosted on the public cloud landing zone.

Our small team of cloud experts build the landing zone, the AMI, provide the CICD template, and act as an internal Cloud R&D team. DevOps teams build the infrastructure as code using Terraform and manage the daily life of their cloud applications.

The tools we use for Infrastructure As Code mostly consist of Open Source solutions such as - Terraform, Packer and Gitlab.

We have set up a Terraform Modules repository as a main asset to compose and build new infrastructures and provisioning is no longer a problem.

The modules are then used by DevOps teams to build and manage their application infrastructure.

We must deliver fast response rates worldwide 24/7 without sacrificing quality. But remember - quality is key to moving fast.

This means breaking the monolith into micro-services and drawing out the best value of each service feature we build. We build our applications in a modular way with independent, loosely-coupled and stateless microservices based on RESTful APIs.

This architecture enables our data streaming bus to collect events from our microservices and recompose them to be used differently. As a consequence, we have a truly event driven architecture, where API transactional objects are exactly the same as the ones we analyze on our data analytics layer.

The apps must be designed to be elastically scalable and resilient, with no Single Point of Failure, because we must move fast without breaking anything.

With CICD, we run hundreds of test scripts daily, based on our functional and technical standards, so we never deploy anything that fails. Complete immutability of our Infrastructure makes our continuous deployment fully secure.

For our mission critical services, we design modern applications that expose metrics and health check APIs to be fully observable. We use an Open Source stack with Prometheus and Grafana to collect and analyse metrics, and to troubleshoot at any time, we use Dynamic tracing with AWS X-RAY

As a result, we have auto healing features to detect, troubleshoot and correct without disrupting the customer experience!

We’re proud of what we’ve achieved - but we’re always looking ahead and will embark on chaos engineering soon.

Security influences how we grade the value of our products. An application's value consists of its intrinsic business value multiplied by its technical value. So, if the application has security flaws, it lowers its technical value and therefore its business value too.

This is why Security is in our DNA. It's built into everything we do - and more and more it's treated as code. Our motto is to detect vulnerabilities before deploying, thanks to our CICD tooling. The tasks performed by the pipeline include vulnerability scans, and will soon include penetration tests.

Internally, applications are continuously assessed and security is a major part of this assessment. This transformation means our DevOps team spends more time exploring and assessing new ideas - so they release and deliver more frequently.

Our work delivers value directly to businesses and customers and provides you, as a user of our IT solutions, an exceptional developer experience.