Digital Partners Enhances Security Using AWS Control Tower and AWS Security Hub

Digital Partners, a Munich Re company, is a pioneer in supporting InsurTechs in Europe and North America by providing insurance expertise, back-office operations, and more. To continue operating in compliance with the financial industry’s strict regulations, Digital Partners strives to run an exceptional cloud environment with enhanced security.

Digital Partners turned to the experts at Amazon Web Services (AWS) and decided to use AWS Control Tower—which makes it simple to set up and govern a secure AWS environment—as a foundation. To help it achieve compliance, Digital Partners also uses AWS Security Hub, which gives users a comprehensive view of security alerts and security postures across their AWS accounts. By consolidating its cloud environment on AWS, the company set up a more secure, modern architecture to power its offerings.

Digital Partners makes working with traditional insurance carriers simpler for digital-native InsurTechs by providing insurance expertise and product development support. Large established insurance companies tend to use traditional enterprise technologies. This creates challenges and friction for InsurTechs, which often begin as technology companies looking to innovate on top of the existing insurance system. Digital Partners helps fill in knowledge and infrastructure gaps for these startups, providing support for product development and pricing.

Since its founding in 2016, Digital Partners has used AWS. At that time, a third-party engineering team built the company’s original cloud environment. As it grew, Digital Partners realized that a data collection and analytics tool would be a core component of its business, so it decided to assemble an in-house technology team to migrate and manage its cloud infrastructure.

The company also saw an opportunity to differentiate itself from the rest of the industry. “Many other insurance companies tend to collect data on a monthly basis,” says Joanne Safo, global chief information officer of Digital Partners. Instead, Digital Partners wanted to build a real-time data ingestion and analytics product that was secure and simple to use for its customers.

Digital Partners assembled a lean technology team and began to build on top of its existing infrastructure. As its services grew, Digital Partners wanted to be sure that it continued to satisfy all relevant global regulatory requirements. To help it meet this objective, Digital Partners engaged the AWS Professional Services team, which helps companies realize their desired business outcomes on AWS by providing specialized skills and expertise. In 2019, Digital Partners performed a review using the AWS Well-Architected Tool, which helps businesses review their workloads and compare them to the latest AWS architectural best practices. “In doing the review, we created a road map of improvements that would align our cloud environment with the standards and protocols that AWS recommends,” says Safo.

Through support from the AWS Professional Services team, Digital Partners began migrating to an enhanced environment. The most important upgrades that the company set out to make were related to security and compliance. International rules—such as the European General Data Protection Regulation, which went into effect in 2018—place strict requirements on the insurance industry. Although the company’s existing environment was already secure, the AWS Well-Architected Review identified opportunities to improve its security posture and prepare its architecture for the future.

By following best practices and checking the compliance scores available in AWS Security Hub, Digital Partners raised its scores by about 35 percentage points to 97 percent. In addition, the company is better able to maintain a secure cloud environment by using Amazon GuardDuty, a threat detection service that continuously monitors for malicious activity and unauthorized behavior.

“AWS offers some great products out of the box,” says Safo. “That made the migration from our existing environment to the new environment straightforward.” Using AWS Control Tower enabled Digital Partners to focus on deploying its secure cloud environment quickly. “AWS Control Tower is quite configurable,” says Safo. “Trying to build customized security is difficult with a small team, but using AWS Control Tower made it simple to manage.” The company also gained better reporting and monitoring capabilities, enabling it to track issues. Further, migrating to a consolidated cloud environment on AWS and raising its level of security have positioned Digital Partners to be compliant with potential future changes to regulations.

“Another great benefit of working on AWS is the speed,” says Safo. “We had a really strict timeline for migrating some of our applications.” Digital Partners completed the first migration in less than 8 weeks—much faster than some of its previous migrations, which could take 4–6 months. When the company faced a particularly difficult challenge, it knew it could contact AWS Professional Services to find answers. “Having the support of the AWS Professional Services team helped us deploy within our timeline and is enabling us to achieve our goals,” says Safo.

The company’s cloud migration was one part of an overarching effort to upgrade its technology stack, including documentation, infrastructure, the cloud environment, and hardware. “Taking insurance into the internet age is a big deal,” says Safo. Consolidating its cloud infrastructure on AWS also contributed to the company’s mission to deliver a frictionless experience to its partners. Many InsurTechs that work with Digital Partners are built on AWS as well. “The compatibility of AWS has been a massive advantage for facilitating conversations with our partners,” says Safo. “When we’re building partnerships with other startups, we can speak the same language and share tools with ease because we’re all using AWS.” 

As Digital Partners continues building on top of its secure AWS foundation, Safo counts the architectural guidance from AWS solutions architects and the project support from the AWS Professional Services team as profoundly helpful.

The company’s collaborative work alongside AWS also manifested in its Tech Talks, sessions in which AWS discussed its culture of innovation and many more initiatives alongside Digital Partners. “We had a really great relationship,” says Safo. “It felt like we were working as one team.”