Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .



Ed Almer

Edy Almer, VP of Product at AlgoSec, looks at the challenges financial institutions face when migrating applications to the cloud.

Ed Almer

Ed Almer

 It’s a common misconception held by many that business applications can be apparated, Harry Potter style, into the cloud and that the IT team just needs to press a few buttons and whoosh, the migration is done.  If only it were that easy.

 Firstly, despite the fact that, in our experience 85% of applications can potentially be migrated to the cloud, there are some applications that should not, or cannot be moved.  Legacy applications may be difficult to virtualize, requiring significant development work before they can be migrated.  Some applications may be sensitive to latency, so for performance reasons they should stay on-premise.  Others may be governed by regulations which prohibit their moving outside of a given jurisdiction or geographic region.

 Hand-drawing maps

However, even for the majority of applications that are suitable for migration, there are multiple challenges which need to be addressed if the migration is to be done smoothly and securely.  First, the application’s existing network flows need to be mapped, so that the IT team knows how to reconnect the application’s connectivity post-migration.  This is extremely hard to do in complex environments.  There’s usually little to no up-to-date documentation, and attempting to understand the requirements and then painstakingly migrate and adjust every firewall rule, router ACL and cloud security group to the new environment manually is an extremely time-consuming and error prone process.  A single mistake can cause outages, compliance violations and create holes in the businesses’ security perimeter.

 This is a time consuming process: in AlgoSec’s experience, a team of five experienced consultants can manually map 25 applications a week. That means, in a typical enterprise running 1,200 applications, it would take the team a year to complete the process. If the organization has good documentation of its applications, and an accurate configuration management database, it may be possible to cut this time by 50%.

 But given the resources required to map applications manually, some financial institutions may ask if they really need to do it before migration.  The answer is definitely yes, unless they plan to move only one or two applications in total – and can afford to manage without those applications for hours or days, in the likely event that a problem occurs and connectivity is disrupted.  Having comprehensive maps of all the applications that need to be migrated is essential: this atlas of connectivity flows shows the way forward to smooth, secure cloud migrations.

 Ready to move

With an atlas of existing connectivity maps, financial institutions can tackle the migration process itself.  This can be done manually using the APIs and dashboards available on all cloud platforms, but it’s slow work, and it’s all too easy to make costly mistakes.  Some cloud service providers offer native automation tools, but these often only address the cloud provider’s environment and they don’t provide visibility, automation or change management across your entire estate.   Even some third-party cloud management tools which are capable of spanning multiple clouds will not necessarily cover your on-premise networks.

 The most effective way to accelerate application migrations is with an automation solution that supports both the existing on-premise firewall estate, and the new cloud security controls, and can accurately define the flows needed in the new environment based on the atlas of existing connectivity flows, as well as the security and compliance needs of the new environment.  In fact, the right automation solution can also discover and map your enterprise applications and their connectivity flows for you, without requiring any prior knowledge or manual configuration by security, networking or application teams.

 Institutions can then use the solution to navigate through the actual migration process to the cloud, automatically generating the hundreds of security policy change requests that are needed across both the on-premise firewalls and cloud security controls.  This dramatically simplifies a process that is extremely complex, drawn-out and risky, if attempted manually.

 After the applications have been migrated, the automation solution should be used to provide unified security policy management for the entire enterprise environment, from a single console.

 While there isn’t yet a method for apparating applications instantly into the cloud, automation makes the process both fast and relatively pain-free by eliminating time-sapping, error-prone manual processes, such as connectivity discovery and mapping, during the migration itself, and in ongoing management.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post