Introducing Moody’s VPN for Data Bridge: Effortlessly connect your company’s network to Moody’s Data Bridge

Security landscape is continuously evolving, and organizations consistently seek innovative solutions to keep pace with the latest security trends.

Moody’s Data Bridge™, part of the Moody’s Intelligent Risk Platform™ (IRP), enables efficient T-SQL workflows for exposure analysis across insurance, reinsurance, brokerage, and insurance-linked securities (ILS) markets.

Over the past five years, the IRP has supported global insurance customers in modeling accounts, portfolios, and underwriting. It has also expanded its reach beyond insurance to include financial services such as banks and asset management firms. With a diversifying client base, Moody’s Data Bridge continues to develop solutions that meet evolving security and compliance requirements.

At Moody’s, we have consistently prioritized security requirements for connecting to Moody’s Data Bridge, historically implementing IP address whitelisting for user devices and application services utilizing ODBC/JDBC connections. As security requirements continue to evolve, we remain committed to advancing our capabilities and establishing industry-leading solutions that align with best practices across various industries.

At the outset of this year, we are pleased to announce the introduction of Moody’s VPN for Data Bridge, a specialized site-to-site virtual private network (VPN) solution developed to securely and efficiently integrate your organization's infrastructure with Data Bridge instances within your Intelligent Risk Platform tenant.

Introducing Moody’s VPN for Data Bridge

Moody’s VPN for Data Bridge provides secure connectivity between your organization and your IRP tenant by establishing a dedicated and encrypted network tunnel over the public Internet. Cat modelers, underwriters, and exposure managers can now securely access Data Bridge and perform operations through their organization's VPN connection.

This solution ensures all connections are made from machines within your organization’s infrastructure, preventing unauthorized access to sensitive information. It fulfils an essential requirement for secure connections, ensuring that business users remain connected to their company’s VPN to safeguard the confidentiality and integrity of all transmitted information.

In network terms, VPN for Data Bridge provides secure site-to-site VPN access to the Data Bridge. Using a pre-shared key supplied by your organization, an IPSec tunnel encrypts traffic between infrastructures over the internet for a confidential connection with Data Bridge.

Moody’s VPN for Data Bridge provides an array of robust security features:

• Encryption: All T-SQL data transmitted between business users and Moody’s infrastructure is secured using advanced protocols such as IPsec, ensuring intercepted data remains inaccessible.
• Best path selection: The solution enables the configuration of multiple network paths based on diverse criteria (including AS path length and local preference), facilitating the evaluation and selection of the most efficient route.
• Policy enforcement: Administrators are empowered to establish traffic flow rules, allowing for more sophisticated path selection than basic metrics permit.
• Data integrity: Integrated mechanisms safeguard transmitted data against alteration, ensuring it remains intact and protected from tampering.

Key features of Moody’s VPN for Data Bridge

Moody’s VPN for Data Bridge is seamlessly integrated with Moody’s Intelligent Risk Platform, offering a self-service solution that empowers administrators to manage connectivity efficiently. This is designed to address the varied requirements of enterprises by delivering a robust security framework that is both scalable and easily adaptable.  

Figure 2: VPN configuration for Moody's Data Bridge

Five notable features of the VPN for Data Bridge solution:

1) IRP administrators can use self-service tools to plan and adjust any network changes for their tenant easily.

2) The system accommodates both Static and BGP traffic routing. Border Gateway Protocol (BGP) routing is the core protocol that enables different large networks to exchange routing information. It is an essential protocol for VPN connections—especially MPLS Layer 3 VPNs and dynamic site-to-site arrangements—that offers scalability, advanced routing policy management, and adapts swiftly to evolving environments, making it well-suited for complex VPN setups.

Figure 3: Static/BGP VPN traffic routing configuration

3) Users can securely store and oversee the pre-shared key for VPN encryption in one location on the Moody's Intelligent Risk Platform, ensuring easy tracking whenever key updates occur.

Figure 4: Encryption key management

4) Every change to VPN connectivity is logged as a job, allowing for thorough monitoring of modifications.

Figure 5: Job log for VPN changes

5) A robust API toolkit is available for fully automating the VPN configuration setup used for connectivity. This can be helpful when organizations would like to switch tunnels automatically.

Another significant advantage of this solution is that business users are not required to install any additional VPN client software on their desktop computers; they connect to their organization’s VPN as normal. Once connected, the system operates in the background, seamlessly establishing connections to Data Bridge without manual intervention.

Delivering operational efficiency

The VPN features offered by Moody's Data Bridge help support teams simplify their workflows, boost efficiency, and avoid possible disruptions. Removing the need to manage IP whitelisting reduces administrative tasks, allowing support staff to focus on essential business priorities, leading to improved operational performance. With this solution, business users no longer need to raise service tickets due to changes in their machine's IP address when working from different locations.

Promoting compliance with organizational regulatory standards

Implementing Moody's VPN for Data Bridge enables organizations to securely transmit data, helping to meet regulatory obligations related to data protection and privacy:

• Compliance with data protection laws: Insurance and financial services organizations, such as banks and asset management firms, must adhere to numerous data protection regulations, including the General Data Protection Regulation (GDPR) in Europe, the Health Insurance Portability and Accountability Act (HIPAA) in the United States, and various regional statutes. These frameworks mandate robust measures to safeguard personal information, maintaining its confidentiality and integrity.
• Establishing secure communication channels: By utilizing VPN for Data Bridge, organizations can demonstrate the adoption of secure communication channels as an integral component of their compliance strategies. This proactive approach is especially valuable during audits or in response to potential data breaches, highlighting the organization’s commitment to data security.
• Controlled access management: The use of VPN for Data Bridge empowers companies to regulate access to data transmitted over public networks. Additionally, this mandates that connections to Data Bridge instances are established exclusively through devices supplied by your organization, thereby upholding an essential security standard. This ensures adherence to the principle of least privilege and strengthens compliance efforts.
• Comprehensive audit trails: Moody's VPN for Data Bridge incorporates advanced logging and monitoring capabilities that systematically document connections, data transfers, and access attempts. These audit trails are essential for compliance reporting and enable security teams to identify and investigate unusual or unauthorized activities indicative of potential security incidents.

In summary, Moody’s VPN for Data Bridge simplifies site-to-site VPN connectivity by offering a unified and secure infrastructure, all tailored to integrate seamlessly with your organization’s existing network. This solution helps equip companies across industries with powerful tools to enhance their network security, comply with regulatory demands, and streamline operations.

With Moody’s VPN for Data Bridge, insurers can establish a robust, protected network foundation that safeguards essential data, fulfills operational needs, and supports future growth and innovation.

To start your journey of adopting Moody's VPN for Data Bridge, contact us at sales@moodys.com.