Financial service providers must have high levels of compliance and deliver world-class services to their customers. Has the hybrid cloud delivered a platform this sector can build a sustainable and profitable future upon?
The financial services (FS) sector has been an avid user of new technologies. Security concerns, data privacy and compliance, have all impacted on the cloud services the banks and other financial institutions have built.
In addition, the FS industry, as a whole, has exploded. Research from the IBM Institute for Business Value concluded: in 2019, the banking sector’s spending on cloud services is expected to approach USD $100 billion, with cloud-enabled workloads of top-tier banks expected to double annually.
“Cloud has become a fundamental enabler of banking innovation,” IBM concludes. “Six transforming cloud attributes – cost flexibility, scalability, market adaptability, masked complexity, contextual variability and ecosystem connectivity – not only underpin efficiency improvement, but they also support a substantially broad range of business transformation and associated revenue growth.”
Private cloud services have so far dominated the services banks have developed. The adoption of a hybrid cloud strategy has not surprisingly, been slow, lead by security concerns and a loss of data control as it is in motion. However, this is accelerating. A report from Nutanix – a supplier of enterprise cloud solutions revealed the financial sector outpaces other industries in the adoption of hybrid cloud, with the deployment of hybrid cloud reaching 21% penetration today, compared to the global average of 18.5%.
“Increased competitive pressure combined with higher security risks and new regulations will require all of the industry to look at modernizing their IT infrastructure,” said Chris Kozup, SVP of Global Marketing at Nutanix. “The current relatively high adoption of hybrid cloud in the financial services industry shows that financial firms recognize the benefits of hybrid cloud infrastructure for increased agility, security, and performance. However, the reality is that financial services firms still struggle to enable IT transformation, even though it is critical for their future.”
There is little doubt the banks and other FS providers will increasingly have to adopt a hybrid cloud strategy. As FinTech continues to disrupt the marketplace, financial services that embrace the hybrid cloud will be competitive and able to innovate.
Gartner’s research vice president, John Van Decker stated: “The Gartner survey showed that 93% of enterprises see the cloud being utilized for half of the enterprise transactions in the future. The cloud has definitely changed the game for financial management business applications. Vendors have responded with new and rearchitected platforms in the cloud, and most have de-emphasized their on-premises solutions, in favour of cloud implementations, which are more profitable for the vendors, while reducing the effort of local IT support.”
Dr Richard Harmon, Director, EMEA Financial Services, Cloudera goes further when he told Silicon: “Now that Open Banking is allowing FinTechs to partner with financial institutions to provide and deliver some of the next-generation products and services that consumer want, a hybrid, multicloud infrastructure has become the ideal playground for businesses to solve the most pressing data and analytic challenges in a streamlined fashion.”
Harmon concluded: “Some of the largest FinTech players are now able to use the hybrid cloud to deliver mission-critical services across data engineering, data warehousing and data science, including the ability to run multiple analytic functions on the same datasets. Underpinned by a comprehensive data governance strategy, an enterprise data cloud infrastructure has become the ideal solution to meeting stringent industry regulation and running the most sophisticated data analytics practices at scale.”
Secure hybrid cloud for financial services
The hybrid cloud is the ideal solution for the FS industry to innovate within a regime of compliance. A major area of concern when moving highly personalised and sensitive data off-prem is the data’s security.
Speaking to Silicon, Helena Schwenk, AR and Market Insights Manager at Exasol said: “Important issues involving the hybrid cloud include how personal information is stored, how it is used, dependence on third-party providers and security of cloud infrastructure. These are issues that are all vital during design and implementation stages of hybrid cloud infrastructures, and in an industry that continues to evolve in line with the on-going pace of change, must be taken into account in all stages of the digital transformation process.”
Coupled with the development of hybrid cloud environments, technologies such as AI and Machine Learning are transforming the FS space. Here, the hybrid cloud landscape must be protected. “Huge advances are being made with AI-driven threat protection,” explained Neill Hart, Head of Productivity and Programs at CSI. “CIOs are now responsible for more endpoints and more infrastructure than ever before.”
Hart continued: “In this fast-changing security world, AI can now provide more effective prevention against cyber-attacks – and it has the ability to increase protection to 99.7% from 60-70% with traditional signature-based cyber protection. Driven by an agent with a small footprint and with no configuration or signature-update needs, this is a compelling argument to move applications over to the cloud.”
The masses of data that FS companies now contain is often inaccessible. These silos of information must be opened and integrated together. “One of the greatest advantages of a hybrid model is the ability to delineate between sensitive and non-sensitive data and treat them distinctly,” explained Julian Box, Founder and CEO at Calligo.
“Financial institutions are increasingly taking advantage of large compute resources in the public cloud for heavyweight tasks using non-sensitive data,” Box expanded. “For example, data analysis and advanced application development, while keeping sensitive data in local, secure resources whose security and physical location is finitely and specifically understood.”
Hybrid cloud infrastructure is clearly how every businesses and organisation operating in the FS sector will structure their services. As the hybrid cloud proliferates, security will be the foundation onto which each customer-facing service is built.
A hybrid cloud future
The FS sector is in a state of rapid change. Challenger banks and FinTech start-ups are expanding their reach to transform the financial services on offer to customers today.
Says Dr Richard Harmon, Director, EMEA Financial Services, Cloudera: “Banks’ attitudes towards the cloud are shifting, with both large players such as Deutsche Bank declaring their plans to pioneer a ‘cloud-first strategy’ that will transfer 95% of their applications to the cloud and challenger bank banks such as Monzo, built entirely on an AWS cloud that runs over 400 core banking microservices. Many banks are seeing the benefit of the cloud to transform their business. The increased popularity of challenger banks has caused a heightened rivalry, leaving traditional financial institutions without a choice but to migrate to the cloud to reap its unique benefits and stay competitive.”
However, striving to adopt more hybrid cloud services brings with it a risk that data siloes remain or even proliferate says Julian Box, Founder and CEO at Calligo: the innate inconsistency between environments that is part and parcel of typical hybrid deployments creates new siloes, rather than breaking down pre-existing ones. Each of the platforms being combined to create the hybrid environment – public, private or on-premise – will bring with it its own operational modes and tools, which are very difficult to unify, and will naturally and unavoidably create data silos. Indeed, many financial services IT teams who lack deep experience in the cloud will allow or even encourage these silos in order to “maintain control” of the data.”
“Fortunately, many of the larger cloud providers, Microsoft Azure, in particular, are recognising that consistency is key to the ongoing success of hybrid cloud, and are adapting their familiar, powerful public cloud tools and capabilities to extend into on-premise and local resources, creating an inherently consistent environment,” Box concluded.
Developing a hybrid cloud architecture for their services is now essential right across the FS sector. NetApp UK&I’s Grant Caley concluded: “As it is for many industry verticals, the future is very optimistic for the hybrid cloud and financial services. The hybrid cloud offers access to not just agility, but also to advanced technologies such as Artificial Intelligence, Analytics, Serverless Computing and no doubt Quantum Computing when it is eventually available. If you combine this technological access with initiatives such as Open Banking, I think you can start to see the whole customer experience change quite profoundly and dramatically; ultimately I believe it is to the advantage of the customer.”
The hybrid cloud promises a seamless and secure environment where FS providers can innovate. Care must be taken to ensure that the hybrid cloud infrastructure that is built doesn’t simply replace and existing deployment with an environment that is more complex and that has a wider threat surface. Hybrid models must be carefully assessed and their component parts. With new technologies such as Google’s Anthos and the expansion of containers, CIOs and CTOs need to tread carefully, as they construct their hybrid cloud services.
Silicon in Focus
Chris Ibbitson [CI], Chief Technologist at HPE (Hewlett Packard Enterprise) for the Financial Services.
Chris Ibbitson is Chief Technologist at HPE for the Financial Services Industry. He has worked in the IT industry for over 20 years, 15 of which were in the technology organisation of a global bank.
Ian Bradbury [IB], CTO Financial Services, Fujitsu
Ian has been with Fujitsu for 15 years, having worked his way up from Solution Design Manager to the CTO for Financial Services for the company in the UK and Ireland. As a Fujitsu Distinguished Engineer, Ian is an expert on technology in the Financial Services sector. His expertise includes areas such as AI, hybrid IT, digital transformation, the cloud, blockchain, and biometrics.
How are hybrid clouds transforming financial services?
[CI] The hybrid cloud is providing agility for financial services (FS) organisations, allowing them to increase the speed of how they can deliver change across the business – whether they’re a small, agile FinTech with no legacy systems or an incumbent enterprise organisation.
The hybrid cloud is also being used as one of the main platforms to enable FS organisations to become more ‘digital’ – not just through the adoption of more modern technology, but also through helping change the mindset of decision-makers within the business. They are placing data at the heart of business processes, adopting more advanced practices such as DevOps, moving to CI/CD pipelines, and focusing on continuous delivery versus the traditional quarterly releases.
[IB] Hybrid clouds are transforming financial services by allowing organisations to exploit the high levels of agility and opportunities to scale and enjoy limited initial investments needed of public cloud services. At the same time, they remain secure, resilient and compliant.
That’s why organisations are now combining their traditional on-premise computing solutions with their own private cloud infrastructures and public cloud services. This allows them to develop deeper insights through data analytics and shorten product development cycles for exciting new offerings and functionality for their financial products.
What are the current pressure points in the financial services sector when designing and deploying hybrid cloud infrastructures?
[CI] The main pressure point is the balancing and controlling of risk; not just from a cybersecurity perspective, but also from the perspective of ensuring operational delivery. Banks typically have very mature service delivery runbooks – encompassing planning, capacity management, change, and so on – which have developed over time and are often aligned to industry standard processes such as ITIL. As we enter the hybrid world, these need to evolve to take into account the change in service delivery, as well as the underlying architecture underpinning these services.
[IB] There is a broad set of challenges to consider: On one hand, many financial services developer teams would like to exclusively use native public cloud platform-as-a-service (PaaS) offerings, as these have the fastest route to develop new code – so there is no need for a hybrid solution. On the other hand, most financial services organisations are heavily regulated. This has generated concerns about single vendor public cloud solutions and the data needed to support new systems locked away in their own data centres.
Ultimately, optimal hybrid solutions will consider at least the following: regulatory requirements, data availability, security, network performance, cost and tariff structures, end-to-end management, operational performance, portability of workloads, access to public cloud PaaS services.
How are financial services CIOs approaching security as their business move to the hybrid cloud?
[CI] With the adoption of the hybrid cloud, the traditional approach of securing the boundary of an organisation has needed to change. The boundary is no longer as clear as it once was. The attack surface is changing and, more CIOs and CISOs are looking at how they can move from a defensive position to a more offensive position when it comes to cybersecurity.
Examples of this more offensive position include segmenting services to ensure that if one service is compromised it doesn’t compromise all and utilising AI to better understand what ‘normal’ behaviour looks like.
Many FS CIOs are also looking at adopting “zero trust” concepts in the future. This is centred around the argument that businesses should not automatically trust anything (either inside or outside the organisation) and instead requiring anything and everything trying to connect to its systems to be fully verified before granting access.
How is the hybrid cloud breaking down data silos across businesses in the financial services sector?
[CI] In my opinion, the hybrid cloud itself isn’t breaking down data silos across financial services. However, the ability it provides to quickly and easily deploy Big Data and Analytical services across the enterprise cloud environment to analyse data (which in banking is often the untapped asset), is helping break down silos.
What hybrid cloud also does, is provide access to highly performant workloads to enable data to be analysed in a ‘as-a-Service’ method – helping organisations drive more workloads to data lakes that promote the sharing of data (where allowed ethically or by regulation) across a financial services organisation, instead of individual business areas within the organisation doing their own thing.
[IB] Availability of data is a key consideration for hybrid cloud solutions. But it’s not just a hybrid cloud that is driving the breakdown of data silos. Most financial services organisations have had a consolidated data strategy in place for some time and, have recruited a Chief Data Officer.
As part of an overall hybrid cloud strategy, public cloud services are now playing an increasingly important role in helping financial services organisations to generate value and insights from their data. Public cloud is increasingly seen as the main landing place for data analytics, with a broader range of tools and scalability than a private cloud can provide.
What does the future of the hybrid cloud and financial services look like?
[CI] The future will not only be hybrid but, will also be multicloud. This will be driven by two main factors: Firstly, the regulations that requires organisations to avoid concentration of risk through having all their services with one provider, both within a single organisation, but also across the industry more broadly. Secondly, privacy – in certain territories there will be a requirement to ensure that certain data is kept within the geographical boundaries of where an organisation operates.
The hybrid cloud will also start to deliver on the promise of application portability. As organisations modernise their services to fully adopt containerisation, the ability to truly move workloads and the associated data between hybrid cloud providers will become not just a reality, but the new normal.
[IB] Most organisations are still building out their first-generation hybrid solutions and discovering they need to do more. Utilisation is a key area that is driving this rethink, along with changing perspectives on regulatory requirements. Some organisations decide they will develop in the public cloud and then run operationally in their own datacentres on private cloud infrastructure.
Others are using the public cloud for specific use cases such as data analytics and machine learning applications. With others also using multiple public providers and are integrating across them. There is real regulatory concern about ‘concentration risk’, which means that many financial services companies are running most of their business on a single public cloud vendor. This is certainly an evolving area and a space to watch in the future.