\

Business - Effectiveness
Now Comes First

Sapiens Decision is a division with Sapiens that offers an enterprise-wide decision management solution that enables business users to model, manage and execute automated decisions. The group sought to respond to the ever-changing digital environment by creating a toolkit in the cloud that would allow its customers to better implement and process changes
across their businesses.

Sapiens looked for a company that would design a SaaS solution and migrate to the cloud its decision management offerings with a highly secure, available and resilient infrastructure, while integrating automation of provisioning and deployment from a centralized management environment.

The solution would be required to integrate multi-tenancies, with completely separate entities, databases and access. Additionally, the sensitivities of the financial field require a high level of security under stringent controls, so no tenant’s activities could affect any other tenant. The challenge was creating a unified SaaS platform that would provide central administration of all tenants, under these conditions.

The Solution

The first question during software or IT solution processes has historically been about cost-effectiveness. CommIT, Israel’s leading systems house, believes that the tables have turned thanks to the capabilities and strengths that can be achieved via Amazon Web Services (AWS) services and cloud options: business-effectiveness now comes first.

The comprehensive managed services solution proposed by CommIT covered a large array of services: Network Operations Center (NOC), Security Operations Center (SOC), DevOps and Disaster Recovery (DR). This extensive suite is hosted on AWS and utilizes its cutting-edge services. By monitoring the tenants’ performance and security status, problems are identified early and handled quickly, often before they have any real impact on the tenant users.

CommIT offered a SaaS solution that was built according to the principle of tenant isolation at the AWS account layer. This means that each tenant is completely separated, but the access and control can be centralized via the AWS Identity and Access Management (IAM) roles and policies, working with the AWS managed directory.

The specific usage of the platform is securely protected and completely individual at the tenant level, and upgrades to the tools system is performed seamlessly. This architecture was proposed because it was critical to design the most business-effective solution with maximum security and isolation between customers, while providing centralized management, ease of maintenance and automatic deployments.

Financial Services Requirements
& Additional Advantages

The financial services industry requires setting up dedicated environments per tenant. Each environment means higher costs per tenancy, but the ability to truly manage each one securely and independently, by implementing measures such as tenant anonymization and centralized credentials for administration purposes, is crucial. The security provisions for each tenant’s environment – secrets, credentials and public and private keys – were established securely via AWS managed services, such as key management services (KMS), the systems manager secure parameter store, AWS secrets service and security audits, with a centralized security information event management system.

Another advantage of this model is the speed and ease of CI/CD automation. In the past, any new application version would entail significant end-customer downtime and could take many hours, or even days. Also, cloning environments – which are crucial for User Acceptance Tests (UAT) – was practically impossible and clones were often not truly reliable.

To ensure that no data is lost in case of catastrophes – natural or man-made – CommIT designed and built a Disaster Recovery as a Service (DRaaS) plan for Sapiens. From the moment the incident occurs – and the decision is made to recover data, applications and services in the DR environment (whether per tenant or the whole application) – automation scripts ensure that the impact on the business is minimal. CommIT’s scheme relies heavily on AWS resources: the DR database is activated on RDS, Amazon Route 53 updates the DNS records, and the application uploads itself from the latest Amazon Machine Images (AMIs) stored on Amazon S3.

The choice of AWS as the platform for this SaaS Solution was due to its versatility, strength and maturity. The tools and features unique to the AWS Cloud contributed to the success of this business-oriented project.

Benefits & Outcomes icon

CommIT developed scripts and admin tools for environment provisioning within hours. The tailor-made automated tools allow for development and creation of new environments within minutes.   Each tenant that wishes to create a sub-environment for UAT or ad hoc for support purposes, can do so at the touch of a button. This allows the tenant to proactively troubleshoot incidents in a secure manner, in a true-to-reality environment.

Another characteristic of the finance world is a high level of adherence to standards, guidelines and regulations. CommIT utilized AWS tools, such as AWS Config and third-party tools, to comply with international standards. Together, these tools create alerts and reports that CommIT’s managed services rely on – whether in reaction to real-time incidents, or by identifying trends and threats within the various systems.

To ensure that no data is lost in case of catastrophes – natural or man-made – CommIT designed and built a Disaster Recovery as a Service (DRaaS) plan for Sapiens. From the moment the incident occurs – and the decision is made to recover data, applications and services in the DR environment (whether per tenant or the whole application) – automation scripts ensure that the impact on the business is minimal. CommIT’s scheme relies heavily on AWS resources: the DR database is activated on RDS, Amazon Route 53 updates the DNS records, and the application uploads itself from the latest Amazon Machine Images (AMIs) stored on Amazon S3.

The choice of AWS as the platform for this SaaS Solution was due to its versatility, strength and maturity. The tools and features unique to the AWS Cloud contributed to the success of this business-oriented project.

Sapiens Decision

Sapiens is a leading global provider of software solutions for the insurance and finance industries. All large organizations – from banks and insurance companies, to manufacturers and capital markets – face similar challenges: digital transformation, changing regulatory requirements, increased competition, pressure to rapidly bring new products to market and demanding customers. In the face of these pressures, organizations’ business domains must fundamentally change how they operate and govern their businesses to keep up with the rapid pace of change, and to create efficiencies for the organization and its customers

Sapiens Decision is a set of complete decision management solutions that place software development in the hands of the business domain and enforce business logic across all enterprise applications. Decision effectively addresses the complexity of determining and then translating business logic – data, business rules and machine learning used to make business decisions – into operational code..

monitoring and support icon

Monitoring and Deployment

The comprehensive managed services solution proposed by Commit covered a large array of services: Network Operations Center (NOC), Security Operations Center (SOC), DevOps and Disaster Recovery (DR). This extensive suite is hosted on AWS and utilizes its cutting-edge services. By monitoring the tenants’ performance and security status, problems are identified early and handled quickly, often before they have any real impact on the tenant users.