What is Experian Hosted Aperture Data Studio?
Experian Aperture Data Studio Hosted and Managed service is an Experian hosted Aperture Data Studio installation, provided as an alternative deployment option for customers who cannot (or prefer not to) install on-premise.
Instead of the normal installation of the solution on-premises, the process will be the following:
- Experian sets up Windows infrastructure on Microsoft Azure Cloud with specifications according to customer workload requirements (per a completed scoping questionnaire).
- Experian installs the infrastructure.
- Experian provides the customer with access to the Aperture Data Studio software*, accessed via a web browser. The customer will not have direct access to the virtual machine / underlying infrastructure.
- Experian backs the system up regularly.
- Experian monitors the alive state of the system.
- Experian provides periodic software updates to the operating system and applications.
*Note: Aperture Data Studio software provisioned will be a new standard version without any workflow solutions or custom add-ons. If you require workflow solutions or custom add-ons, professional services can be engaged with additional charges.
When is Experian Hosted Aperture Data Studio available?
Experian Hosted Aperture Data Studio was technically made available from v2.3.0 released in March 2021. It is currently available for the UK and North America regions (coming soon for Australia).
Where is it being hosted?
The solution is hosted in Microsoft Azure as a cloud application. A choice of geographical region is available subjected to what Azure can provide. You can find general guidance here and get in touch with us to get a formal recommendation.
Is Hosted Aperture Data Studio multi-tenant?
The Azure platform is a multi-tenant platform. Multi-tenant means that Microsoft is using the same infrastructure across their multiple customers. Experian is one of Microsoft’s customers.
The Aperture Data Studio application itself, is deployed based on a single tenant model where each Experian customer will have their own exclusive subscription under the Experian account. Each Experian client will have their own unique instance of Aperture Data Studio, distinct, isolated and separate from all other customers.
What controls are in place in terms of security?
The configuration strictly adheres to rigorous Experian Global Security Policies. Our Global Security policies are modelled after the International Organization of Standardization (ISO)27001 standards.
Network security, IP whitelisting, multi-factor authentication, encryption for data in transit and encryption for data at rest are in place.
What are the differences when compared to an on-premise installation?
In general, new features released for Aperture Data Studio will be available for both on-premise installation and the Experian Hosted deployment. However, there are some exceptions as follows:
- Subject to fair usage policy.
- No SAML/LDAP connectivity to own identity providers. Must use MFA with Azure B2C Multi-Factor Authentication.
- No connectivity to on-premise data sources. They are usually behind your company firewalls.
- No dataset dropzones on Aperture Data Studio server. Can use Experian STS, Azure Blob Storage or Amazon S3 dropzones or upload via user interface.
- No direct access to export directories on Aperture Data Studio server. Can export to Experian STS, Azure Blob Storage or Amazon S3 or download via user interface.
- Custom steps allowed conditionally. Must submit source code for onboarding. Experian security standards will apply.
- Workflow management via REST APIs must be explicitly requested. To minimize security exposure.
- No ODBC.
- No ODATA.
- No Find Duplicates workbench.
- No Find Duplicates Real-Time APIs.
- No Remote Find Duplicates server. We use a local separate instance.
What involvement from the customer is required for the installation?
While Experian will be handling the installation, there are some pre-requisites we require from the customer as follows:
- Provide requirements for scoping exercise (mandatory).
- Provide client machines’ IP addresses for IP whitelisting (mandatory). This is a security measure to ensure only trusted client machines gain access to Hosted Aperture Data Studio. Typically, every company would already have a list/range of IP addresses they own or recognized.
- Provide a mobile phone number (per user) for Multi-Factor Authentication (mandatory). This is a security measure where you will receive an authentication code via text message on your mobile phone that will be used to access Hosted Aperture Data Studio.
- Whitelist Experian’s IP ranges (as required). Some companies may block access to external IP addresses. If you are still unable to access Hosted Aperture Data Studio after we have whitelisted the client machines, we will provide a list of Experian IP ranges so your IT department can do the needful to allow traffic to Hosted Aperture Data Studio.
- Get clearance from IT and Security (as required). You must ensure that you obtain any required clearances from your internal security team before you proceed with Hosted Aperture Data Studio. IT involvement should be minimal, but you may still need IT to provide what we need for IP whitelisting.
What are the essential questions to be considered in terms of sizing and performance?
The hosting infrastructure will be sized based on a scoping exercise to access your workload and requirements. Essential questions to consider:
- What business outcomes are you trying to achieve?
- What is the nature and volume of data you intend to process?
- How many concurrent users do you expect to use the system?
- Do you want to include any non-Production environments for your development or testing purposes?
- Are there any other special requirements (for example, any functional, performance, regulatory requirements) that we should be aware of?
- Do you have any concerns on the differences in terms of features when comparing Hosted with the on-premise model?
Can I use Personal Identifiable Information (PII) on the Hosted environment?
Customers decide what data they want to load into Aperture Data Studio in the Hosted environment.
We have included security controls based on Experian Global Security policies to protect the customer’s environment. Our Global Security policies are modelled after the International Organization of Standardization (ISO) 27001 standards.
Customers should be aware that Experian personnel may be exposed to the data contained within the customer’s environment as part of the application management and support process.