Problem Description:
When H&R Block came to us they were facing various challenges. Whilst already largely virtualized, their infrastructure and IT systems contained applications with many legacy features and the performance of many applications was suboptimal. Especially one of the consumer group services tended to underperform and required elastic scalability to service fluctuating numbers of consumers. Finally, as a financial services company, comprehensive and complete data security throughout their cloud solution was of critical importance and one of the main priorities for H&R Block.
Solutions Highlights:
To improve performance of the internal API Gateway and consumer group service, we migrated it to AWS using Terraform for the infrastructure as a code. However, the migration required a lot of planning and analysis, as there were complex multi-dependencies that had to be discovered and mapped out, and many legacy features that needed to be removed.
Furthermore, as this consumer group service dealt with financial data and customers’ private information, overall data security within the cloud solution was of paramount importance. Therefore, it was necessary to ensure our solution design guaranteed in transit and at rest data encryption of the highest standards.
We tackled this challenge by establishing permissions which followed the AWS Security principle of least-privilege. This allowed us to minimize the blast radius and drive the Recovery Point Objective (RPO) and Recovery Time Objective (RTO) to down under an hour.