Financial Services in the Cloud: 3 “Issues” that Aren’t
With there being no universally agreed upon answer to, “What is the Cloud,” you would be hard-pressed to find a company in the Financial Services sector that doesn’t already have some footprint in the Cloud today. Many organizations say they have a “Cloud-first strategy” – but why?
Why are financial services firms going to the Cloud?
The factors influencing moving to the Cloud for various organizations differ greatly. For some organizations, reducing costs is the driving factor behind Cloud adoption, and for others, it is increasing business agility with elastic compute availability. For larger institutions, much of the focus is on cost reduction, getting to market faster, and improving the financial balance between IT operations costs versus running the core business. For smaller organizations, the Cloud presents opportunities to take advantage of services that are available through companies like Microsoft that they would not be able to build or run alone. For many of these same organizations, there are real challenges in serving the increasing demands of consumers and regulators while dealing with decreased resources and tighter margins.
For some organizations, the move to the Cloud also shifts the responsibility of proving compliance to regulators, like FINNRA or ESMA, to that of the Cloud Provider. By taking advantage of PaaS (Platform-as-a-Service) as an example, many firms have really moved the risks of hosting customer data and the responsibility of proving that compliance to Microsoft’s court and have made it “their problem” to maintain the appropriate controls and audit.
Cloud providers, as well as their managed services partners, provide a real opportunity to enable Financial Services organizations to do more with less cost and lead-time while reducing the immense cost of an in-house IT department. And all are now benefiting from partnerships with Cloud providers whose sole focus is to protect their customers’ assets in their hosted Clouds.
However, firms often grapple with other perceived issues around going to the cloud. I say “perceived” because, upon further examination, you will find that they are not issues at all. Here are 3 we hear about most often:
Issue #1: What about my data? Where in the Cloud is it, exactly?
One of the biggest challenges faced by Financial Services organizations is also one of the hardest to solve: where is the data? What laws truly apply to data stored in the Cloud where it is hosted in one country, yet available for use in another? For many organizations, the perception is that data stored in the Cloud is not safe—a major barrier that they are not willing to cross.
However, Financial Services is now benefiting from the trail that was blazed by Retail and Distribution sectors when it comes to the Cloud. For over a decade, Retail has had to cope with a shift in brick-and-mortar storefronts to pure digital channels, and deal with putting customer data right out into the Cloud – because that’s where their customers were! Distribution needed to find ways to operate the full sales cycle for end customers who were ordering, shipping, paying for, and returning items all online, as well as handling thousands of payment transactions per second on the public internet. And data residency was at the heart of everything they did – as a direct result of tax, shipping, and order fulfillment requirements.
With Microsoft Azure, you maintain ownership of your data. The data you host on Azure belongs to you, and you have control over where it is stored and how it is securely accessed and deleted – a key differentiator of Microsoft’s Azure Public Cloud platform. Many of the key SaaS (Software-as-a-Service) products from Microsoft allow you to configure the setup of the service and define where the data for that service will reside. Through appropriate choice and configuration, you can ensure your data stays in the region of your choice. You cannot control how the data is replicated around the backbone of Azure, but you can define where it is stored and from where it is accessed.
For PaaS (Platform-as-a-Service) and IaaS (Infrastructure-as-a-Service), you can explicitly define where your data is stored using Azure Storage and Storage Accounts. You can choose configurations such as Locally Redundant Storage (LRS), where Azure maintains three copies of your data within a single data center in a single region (protecting your data from normal hardware failures but not from the failure of a single data center). Or you could choose a configuration like Zone Redundant Storage (ZRS), where Azure maintains three copies of your data across two to three facilities, either within a single region or across two regions. Finally, you could choose Geo-Redundant Storage (GRS), which maintains six copies of your data, three times within the primary region, and three times in a secondary region, hundreds of miles away from the primary region. The point is, you get to define where your data is stored in Azure, and that helps reduce concerns about the location of your data.
Issue #2: What about when local data storage is required?
Sovereignty and data residency issues around the world mean that many organizations still need to store data locally. If the very nature of having your data outside of your control in someone else’s data center is of concern, Microsoft Azure has redefined the concept of the Hybrid Cloud in an effort to further solve for, if not eliminate, these data residency concerns.
A Hybrid Cloud is a computing environment that combines a Public Cloud and a Private Cloud by allowing data and applications to be shared between them seamlessly. Hybrid Cloud gives organizations the ability to scale their on-premises infrastructure up to the Public Cloud to handle any overflow without giving third-party datacenters access to the entirety of their data. Organizations can use the power of the Public Cloud for basic and non-sensitive computing tasks while keeping their business-critical and sensitive data on-premises.
Issue #3: Does the cloud meet certification and compliance requirements?
Since the 2008 global financial crisis, some of the most stringent rules around asset ownership and coverage have forced financial services organizations to be cautious about moving to the Cloud.
Wherever the barriers have been, from regulations to certain commercial or financial terms, Microsoft is making great progress and coming to terms with major industries and organizations. Microsoft Azure is one of the most heavily certified and compliant Public Clouds that exist, with an extensive list that continues to grow.
Microsoft has also developed the Microsoft Trust Center, which is dedicated to supporting customers leveraging the Public Cloud from Microsoft. It provides resources for knowledge on how Microsoft maintains control over its offerings, how it interacts with your assets and data, and materials for legal entities seeking to understand ownership and liability, For more tailored information, visit the Microsoft Trust Center for Financial Services.
What does this all mean to my business?
The competitive advantage between the Public Cloud and on-premises solutions comes in terms of cost, driving innovation on hosting, and financial stability. The Hybrid Cloud is a good solution designed to make it easier for Financial Services organization to move to the Cloud at their pace, under their control, managing what is stored and accessed where at their own pace.
More innovative solutions for less sensitive needs can easily take advantage of the Public Cloud, while key systems and sensitive data can stay on premise, and the solutions can operate seamlessly together. All the while, organizations can operate securely and remain compliant in their highly regulated fields, trusting that Microsoft is operating with the same (or more) focus on remaining compliant and secure.
Making the move into the Cloud, either in the early days of your transformation or when you are already running in the Cloud, usually means that you need a strong partner to help you get there. Understanding all of your choices around data residency, as well as keeping your requirements around data retention and backup strategies can be a balancing act of cost versus requirement. The Cloud experts at AKA can help you through our Cloud Strategy Roadmap offering, where we can help you better refine your Cloud Strategy and establish a plan for what makes sense for you.
If you are considering a more comprehensive design and implementing a Hybrid Cloud, you need to know what is the right way to design the solution – to keep your sensitive data safe while being able to take advantage of the Cloud’s elastic compute to drive innovation. AKA’s Cloud Essentials can help you set up your Azure Hybrid Cloud the right way from day one, and have you benefiting from Native Cloud capabilities within weeks.