By Nigel Moulton, Chief Technology Officer, EMEA, VCE
Over the past couple of years, there has been a great shift towards businesses adopting digital technologies. Gartner refers to this as The Digital Industrial Economy – this means every budget is becoming an IT budget; every company is becoming a technology company; and every business is trying to become a digital leader. However, whilst this digital industrial revolution is taking place across many industries, the industry that is being impacted the most – and thus seeing the greatest transformation – is the Financial Services (FS) sector. The driver behind this change has been the new and sophisticated ways that FS organisations are approaching how they use data to improve their services by diversifying their offerings.
With organisations facing an ever-growing burden in maintaining compliance with increasingly complex regulation regimes from the Financial Conduct Authority, FS organisations cannot risk their data getting lost or be at risk of a cyber attack. The FS industry is the most frequent target for cybercrime, facing 300 per cent more cyber attacks than any other sector and regulators have noted that these attacks on banks are an emerging threat that could pose a significant risk to the sector. Here in the UK, Natwest was the latest victim of one of these attacks, which resulted in users not being able to log in to their online banking services on pay day. If crucial financial data is hacked, hundreds of millions of pounds could be lost from managing damage, through to issuing compensation or to managing the longer-term impact on brand reputation.
With these risks in mind, EMC, VCE and VMware recently undertook research investigating the motivations and rationale behind different Line of Businesses (LOBs) within FS organisations procuring public cloud services. The study revealed that a surprising 92% of LOBs in these companies use some form of public cloud. The reasons behind this significant uptake of public cloud ranged from affordability (41% cited it was a cheaper solution), to ease of use (34%) and wanting to meet client needs (30%).
Public cloud services are helping organisations to streamline administrative management, visualise information and analyse trends. As a result of their intuitive design, widespread availability and low cost barriers, many employees already know how to both use these types of tools and are at ease deployingthem if required. This is not only helping to empower workers, but also accelerate the pace of digital innovation across different departments.
However, this informal approach to public cloud poses several risks from a security and data management perspective. What many businesses don’t realise is that data is not always secure in the public cloud as it is hosted in third party data centres where the cloud provider is only a tenant, amongst many others.. But what is most worrying is that despite the FS sector being one of the most highly regulated industries, the research revealed that employees are sidestepping the IT department and deploying public cloud services without consulting them. In fact, nearly half of those surveyed (44%) admit to bypassing the IT department when purchasing cloud services.
By avoiding checking these purchases with the IT department, these unauthorised decisions are potentially putting their organisations at risk. The threats associated with cyber attacks, and unauthorised access to data, could result in huge financial penalties and very damaging subsequent business and financial losses. Furthermore, by hindering the use of public cloud, organisations could slow the pace of digital innovation and prevent the business from working as efficiently as possible. So this poses the question: what should IT departments do to ensure their employees – and organisations as a whole – benefit from the efficiency and scalability of the public cloud, without putting sensitive data at risk?
The solution is a hybrid cloud approach. Hybrid cloud environments provide the flexibility, affordability, agility and scale of the public cloud, without compromising safety and compliance regulations. This not only ensures that business-critical applications remain in-house, it also allows for rapid provision of the infrastructure from either public or private clouds to cope with new projects and setting up virtual servers to handle a new application. In addition, it can be scaled back just as easily when no longer needed, providing additional flexibility to organisations when taking workloads back out of the public cloud.
Using a single, common platform, a hybrid model allows organisations to extend their existing data centre to the public cloud while leveraging the tools, existing security policies and processes that they already use on-premise. With an enterprise hybrid cloud strategy in place, LOBs can gain immediate and easy to access to secure resources.
As employees look to deploy cloud services that circumnavigate the IT department, IT organisations need to have a strategy that gives easier access to cloud services in a controlled, compliant manner. Businesses need to embrace a hybrid cloud strategy that can provide portability of workloads in a flexible and agile fashion. If organisations can embrace the public cloud with confidence, knowing their data is secure, they can then re-focus their efforts on thriving in the fast-paced era of digital innovation.