A data-driven proof of concept enables global insurer Ageas to move their data analysis system to the cloud with confidence.
Ageas is an award-winning and leading insurance company, headquartered in Brussels. With operations in 14 countries worldwide, employing 45,000 people, Ageas provides over 40 million customers with peace of mind, when they need it most.
Ageas UK offers 4.8 million customers non-life insurance products for three core personal insurance product areas – home, motor and travel – through a range of channels, including brokers, high-profile affinity partners and direct to the customer through its own brands.
Ageas UK holds and maintains a vast amount of data, enabling it to provide customers with the most accurate, up-to-date and real-time quotes and services. In order to obtain the insights and information Ageas need to operate and run the business efficiently, its large internal data analytics team built an on-premise system, known as Insurance Hosted Providing (IHP), using Apache Hadoop as a software framework - to store, process and analyse its customer data in real-time.
However, whilst Hadoop is a powerful and effective open source platform - and had enabled Ageas to go from a 6-week lead time to sub-second insurance quotes - it’s simply too limiting and not scalable enough to meet the big data demands of Ageas. Ageas had ambitious plans to achieve real time fraud detection and adaptive pricing within 2-3 years, based on machine learning driven insights, but the existing IHP on-premise platform couldn’t deliver on this.
Given the above, and that an upgrade was due, Ageas’ team decided to migrate its current infrastructure to the cloud and had already identified Microsoft Azure as the go-to platform for its reliability, scalability and security. So, Ageas looked to Wirehive for its renowned expertise and Azure know-how, to validate its ideas and plans on a cloud-based solution via Microsoft Azure, and help Ageas to create a Proof of Concept (PoC) build.
Ageas had attempted to begin the build in the first instance, but realised they might not have the required in-house scope or expertise to ensure the end result was as robust, accurate and as secure as the existing on-premise IHP system, whilst also employing auto-scaling and multi-region availability. And, although very experienced at data processing and data scheming, Ageas had never had a data lake or a data warehouse previously, so were keen to adapt and embrace modern data warehousing and make things replicable.
The Ageas Business Intelligence (BI) team initially mapped out a design for the new solution which was validated by Wirehive in an initial discovery and design workshop. Together, Ageas and Wirehive created a PoC build during which, Wirehive continued communication with the Ageas project team and held in-depth discovery sessions, had on-going departmental meetings, and liaised with Microsoft support (for lifting soft limits for services) and the UK Fast Track team.
Wirehive’s enabled solution provides the required services for Ageas to migrate from its existing on-premises IHP solution to Microsoft Azure. Importantly, the platform can also grow and adapt to accommodate additional analytics use cases for Ageas UK.
The streaming data is now received by an Event Hub and is processed to raw storage by a Stream Analytics Job (which is required as Event Hub Capture functionality is not yet developed for the Azure Data Lake Store Gen2 API). The Stream Analytics Job also stores the streaming data in CosmosDB to allow highly performant real-time analytics capability. The batch data is collected using Azure Data Factory and is stored in Azure Data Lake Store Gen2.
An Azure Databricks workspace acts as a collaborative central unified analytics platform, accessing Azure Data Lake Store Gen2 and Cosmos DB as well as an Azure SQL Database used to provide an analytical data store and a presentation layer for analytics using Azure Analysis Service.
The identity throughout the solution relies on Azure Active Directory, with Role-based Access Control (RBAC) permissions applied to services according to a defined personas document provided by Ageas. Key Vault is utilised for secure storage for any services requiring key-based authentication.
Whilst the solution’s services are Platform-as-a-Service (PaaS), the networking connectivity utilises Virtual Network and Service Endpoints to provide additional isolation where possible and allow for private communication to services that support the Virtual Network integration; such as Azure SQL Database, and Azure Databricks (currently in preview).
The production-ready solution will be deployed using Azure Resource Manager (ARM) templates, and a new service, Azure Blueprints which allows governed and versioned control of the solution. Making use of Resource Locks, and tighter control on RBAC permissions to ensure the protection of the production environment.
Wirehive also made the following key recommendations:
External connectivity to the solution is available over a secure encrypted connection via Internet for the public endpoints, and it is recommended a private ExpressRoute connection is used for the Ageas UK office connectivity.
There are several security and governance tools available to support the platform, including Log Analytics, Security Centre, Information Protection and Azure Sentinel. These should be utilised in conjunction with and to support the existing Ageas UK toolset to provide visibility and control over the platform.
An additional Azure environment is recommended for future experimentation, PoC work and the testing of new use cases and functionality. This environment should utilise non-critical anonymised (or dummy) data for functionality testing only.
The PoC demonstrated that it was indeed 100% achievable to run the Ageas data analysis systems on Microsoft Azure, ensuring the accuracy, robustness and scalability that it required, and additionally, it dove-tailed perfectly with Ageas’ existing front-end platforms.
Ageas had a recommended, future-proofed infrastructure design for its data to incorporate adaptive pricing requirements on its roadmap. Wirehive also provided a cloud operating model so Ageas could build and integrate a cloud-first approach. This has since been adopted and rolled out by Ageas’ highly skilled in-house data team.
Wirehive Digital Consulting
Discovery & Design
Proof of Concept implementation