Financial Services and the Cloud: 3 “Concerns” that Aren’t
Posted June 22, 2017
By Greg Inks, Cloud Services Practice Lead
There does not seem to be one definitive answer for the question, “What is the Cloud?” It would be challenging to find a firm within Financial Services that does not already have a presence in the Cloud today. In fact, many firms would likely say that they have a “Cloud-first strategy.” But that begs the question: What does that actually mean?
Why financial services firms are moving to the Cloud
The various factors that influence a company’s move to the Cloud differ greatly. With many, a cost reduction is the most important factor for Cloud adoption. With others, the appeal is in increasing business agility through elastic compute availability. For the larger organizations, primary focus is on reducing costs, being “market-ready” more quickly, and attaining a better financial balance between running the core business and IT operations’ costs. With smaller entities, moving to the Cloud provides the option to take advantage of the opportunities that are available through companies such as Microsoft that they more than likely would not have access to on their own. These organizations face significant challenges regarding serving the ever-increasing demands placed upon them, not only by consumers but also by regulators, while simultaneously dealing with a decrease in resources and shrinking margins.
A change to the Cloud, for many organizations, also shifts accountability for assuring compliance to regulatory groups such as FINNRA or ESMA, over to the Cloud Provider. Many organizations, by taking advantage of PaaS (Platform-as-a-Service) for example, have completely moved the risks that come with hosting customer data and the anxiety of proving compliance and put it in Microsoft’s court so that it’s no longer their problem to uphold the proper controls and audit.
Cloud providers, along with their managed services partners, provide a distinct advantage allowing Financial Services organizations the ability to do more for less in regards to cost and to lead-time. Another advantage is the ability to reduce the huge cost associated with an in-house IT department. Organizations are now reaping the benefits from the various partnerships associated with Cloud providers whose focus is to safeguard their customers’ assets within the Cloud.
But firms are often thrown off track because of concerns they perceive are show-stoppers regarding going to the cloud. I use the term, “perceived” because are not really concerns at all. Here are 3 we hear about most frequently:
Concern #1: What about our data? Where in the Cloud is it?
Where exactly is the data? This is one of the greatest challenges dealt with by Financial Services organizations and is also one of the most difficult to solve. What are the laws that apply to data stored off in the Cloud or, in many cases, where data is hosted in one particular country, but is also available to be used in another country? The perception with many organizations is that data stored in the Cloud is not really safe. This poses a major barrier that many are not willing to cross.
Financial Services is now benefiting from the path already navigated by Retail and Distribution sectors in the Cloud. For that last decade, Retail has dealt with a shift from brick-and-mortar stores to solely digital channels. Retail has had to deal with putting customer data into the Cloud because that is where their customers “live”! In addition, distribution had to find solutions that allowed it to operate throughout the full sales cycle, with end-customers ordering, shipping, paying, and returning their items, all online. Also, they had the added layer of processing thousands of payment transactions each second on the internet. So, when you consider tax, shipping, and order fulfillment requirements, data residency was central to everything they did!
Microsoft Azure allows you the ability to maintain ownership of your data. The data that you host within Azure belongs to you. Your organization has complete control over where the data gets stored and how it is securely accessed and deleted, which is a primary differentiator for Microsoft’s Azure Public Cloud platform. Most key SaaS (Software-as-a-Service) Microsoft products let you organize your setup of the service and then designate the location in which the data will “live”. Through appropriate choice and configuration, you are able to guarantee that your data stays within the region of choice. Though you are not able to control the way in which data is replicated within the backbone of Azure, you can most certainly define where the data is stored and the location from which you’d like it accessed.
With PaaS (Platform-as-a-Service) and IaaS (Infrastructure-as-a-Service), your organization can define where your data gets stored utilizing Azure Storage and Storage Accounts. Choose configurations such as Locally Redundant Storage (LRS), where Azure maintains three copies of your data in a single data center located in a single region (protecting your data from hardware failures, not from failure of a single data site). Choose a Zone Redundant Storage (ZRS) configuration, where Azure maintains three copies of your data across two to three sites, in a single region or across two separate regions. As yet another option, you could select Geo-Redundant Storage (GRS) to maintain six data copies, three times in a primary region and three times in a secondary region miles from the primary region. The point being, you can define where you want your data stored in Azure, and quite simply, that helps reduce any of the concerns regarding the location of your stored data.
Concern #2: What if local data storage is required?
Throughout the world, sovereignty and data residency problems mean that many companies still require the storage of their data locally. If your main source of concern is having your data stored outside of your control and located in someone else’s data center, then the redefined concept of Microsoft Azure’s Hybrid Cloud should remove these data residency concerns.
A Hybrid Cloud is best described as a computing environment with a combination of both a Public Cloud and a Private Cloud which allows data and application sharing seamlessly between them. A Hybrid Cloud allows organizations the ability to scale its on-premises infrastructure up to meet the Public Cloud and then handle any overflow data thereby not giving access to the entirety of its data to third-party datacenters. Organizations can take advantage of the power of the Public Cloud for non-sensitive and basic computing tasks yet still maintain their critical and sensitive data on-premises.
Concern #3: Can the cloud meet certification and compliance requirements?
After the financial crisis of 2008, many stringent regulations put into place around asset ownership and coverage have made most financial services organizations exceptionally cautious in regard to shifting to the Cloud.
Microsoft is making progress in coming to terms with these major industries and organizations’ concerns by addressing barriers to regulations, as well as addressing certain commercial and financial terms. Microsoft Azure is a leader in providing comprehensively certified and compliant Public Clouds, with an extensive and ever-expanding list.
In addition, Microsoft has developed the Microsoft Trust Center which is dedicated to supporting customers who are leveraging the Public Cloud from Microsoft. This center provides resources on how Microsoft sustains control over its offerings, on how it relates with your assets and your data, and it provides materials to legal entities seeking to understand both ownership and liability. For more on the Center, visit the Microsoft Trust Center for Financial Services site.
So, what does this all mean to you?
Competitive advantage is evident within the Public Cloud and on-premises solutions in terms of cost, in terms of driving hosting innovation, and in terms of providing financial stability. The Hybrid Cloud is a brilliant solution that is designed to provide an easier transition so that Financial Services organizations can move to the Cloud, with control in mind, managing what gets stored and where it gets accessed, at the pace that fits the organization.
Innovative solutions for less sensitive needs are easily taken advantage of within the Public Cloud, while still letting key systems and sensitive data stay on the premises, and these solutions operate together seamlessly. Firms have the ability to maintain operations securely while still remaining compliant in their highly regulated fields with the knowledge that Microsoft is operating with the same goals in mind.
Moving into the Cloud, whether in the beginning of your transformation or after your organization is already operating in the Cloud, typically means that you need a strong partner to aid you in getting there. Being cognizant of all of your choices regarding data residency, as well as assuring you meet the requirements around data retention and back up strategies, can be a nonstop pull between cost vs requirement. The AKA Cloud experts can assist your organization in navigating our Cloud Strategy Roadmap, helping you to more accurately refine your Cloud Strategy and develop a plan based on what makes sense for your firm.
If you find your firm considering a more comprehensive design and possibly implementing a Hybrid Cloud, you need to know the optimal way to design the solution to keep sensitive data safe yet still be able to take advantage of the elastic compute-to-drive innovation offered in the Cloud. AKA’s Cloud Foundational Services can assist you in setting up your Azure Hybrid Cloud the best way for you, from day one, and let you start realizing the rewards of Native Cloud.