With data security a critical business imperative, financial services company Sun Life Financial chose to move its existing Apache Ranger data security platform to Amazon Web Services (AWS) as part of its cloud migration process. AWS Partner Privacera offered Sun Life a seamless way to leverage its existing Apache Ranger investment, securely migrate its data without exposing sensitive elements, and implement consistent, fine-grained access controls that both ensure data security and support the company’s cloud-based analytics efforts.
Leveraging the Scalability and Security of the Cloud
Canada’s Sun Life Financial, one of the largest life insurance companies in the world, offers a broad range of insurance, investment, and asset management products and services to its clients. As a financial services company, Sun Life holds a vast amount of sensitive customer data and personally identifiable information (PII).
In 2019, Sun Life decided to migrate to AWS after recognizing its on-premise platform lacked the flexibility and scalability required to add capacity and support leading-edge analytics. Using AWS tools such as Amazon Simple Storage Solution (Amazon S3) for data storage, Amazon EMR for analytics, and Amazon SageMaker for machine learning, Sun Life created a cloud-based ecosystem that could grow with the company.
As part of the migration, Sun Life wanted to retain Apache Ranger, which it used to provide comprehensive data security across its on-prem platform. Whether on-prem or in the cloud, Sun Life needed a unified view of all sensitive data and automated fine-grained access controls to protect against unauthorized access and decrease manual complexity for its data teams. When it came time to integrate Apache Ranger with AWS, Sun Life turned to the company founded by Apache Ranger’s creators, Privacera, an AWS Partner.
“Working with Privacera and AWS has given us the tools and capabilities we need to put the customer at the center of our business and compete in a hypercompetitive market.
Don Geukers Director, Cloud Infrastructure & Operations
Enabling Analytics Through Secure Access
Soon after starting the migration process, Sun Life was able to use Privacera for data management, access control, and compliance across 200 Amazon EMR nodes.
In particular, Privacera helped Sun Life deal with two security access issues that impacted the company’s analytics efforts. First, the Canadian government has several policies around data security in which only government-approved individuals are permitted to access certain sensitive information.
One option would be to only allow access to any database containing this information to those individuals. Instead, Privacera created row-level access policies that allow authorized users full access to the database and others limited access according to their clearance level. “Enabling rowlevel access simplified our data management without compromising security,” said Don Geukers, Director, Cloud Infrastructure & Operations.
Second, while Sun Life is permitted to use large datasets for analytics, the company must ensure that PII, such as name and address, is not generally accessible. Privacera enabled column-level access controls that protect this data from unauthorized access and use.
“Because Apache Ranger is critical to the success of our entire analytics platform, so is Privacera” said Geukers. “Our goal was to get our data into a data lake as quickly as possible and then apply access rules so our people can actually use the data to generate important insights. Requests that used to take three to four weeks to program can now be reacted to in less than two days.”
Succeeding in a Time of Disruption
The leading-edge analytics capabilities enabled by Privacera and AWS will only become more important as the insurance industry continues to be disrupted by fintechs and other niche competitors. “The key is to understand our market and our customers and to find insights faster than our competitors,” said Geukers. For example, Sun Life is applying analytics in areas ranging from service desk call recordings to breach vulnerabilities, all leveraging the integrated capabilities of Apache Ranger, Privacera, and AWS. “Today, insurance companies need to be technology companies,” concluded Geukers. “Working with Privacera and AWS has given us the tools and capabilities we need to put the customer at the center of our business and compete in a hypercompetitive market.”
About Sun Life
Sun Life is a leading international financial services organization providing insurance, wealth, and asset management solutions to individual and corporate clients.