By Dan Middleton, Regional VP for UK & Ireland at Veeam

Over the past decade or so, two big shifts have taken place in how businesses build, deploy and use digital technology. The first is the consumerisation of IT. In 2005, Gartner pronounced consumerisation to be ‘the most significant trend affecting IT in the next 10 years. After the dot-com collapse, enterprise IT budgets were shrinking and so vendors focused instead on targeting larger consumer IT markets. The result was a change in how technology entered the marketplace including that of the finance sector. Instead of innovation starting in the business world and flowing to consumers, the consumer market would adopt new technology before  enterprises. Accelerated and affordable improvements in mobile devices, connectivity, web applications and software have helped democratise IT and initiated this trend.

The other big shift has been the arrival of digital natives into the workforce and their expectation that the corporate technology experience be more like their consumer-based one. They have been less inclined to draw a line between corporate and personal technology, or be happy to use complex enterprise software when the consumer tools they’re used to are more flexible and powerful. Hybrid and remote working have accelerated this trend, with employees not in the physical workplace and free to make more decisions about where and how they work. With around a quarter of UK employees hybrid working according to the ONS, this is set to remain an important consideration for IT leaders. The behaviours this model can create includes staff turning to familiar services to get their work done (such ‘shadow IT’ and its likely payload of system exposures adding to the burdens of tech teams who are often ignorant of such transgressions until it is too late).

Sky high expectations

All of this has driven, across customers and employees alike, the expectation of instant results when using technology. In a society where we all get impatient even standing at the microwave, there is little tolerance for delays or disruption. Customers are used to transactions and processes being as seamless as possible and will not hesitate to switch away if they’re frustrated. With ever-higher expectations  for both customer experience and service availability demanded of businesses, agility and the rapid deployment of new products and services are now hallmarks of market leadership.

The finance sector has been a case in point – a market disrupted by fintech brands that have been designed from the ground-up to be data-driven and with no physical branches, and free of the legacy technologies and barriers the established banks have had to overcome, whilst endeavouring to innovate quickly. By taking advantage of modern application architectures and the DevOps practices that are associated with cloud-native technologies, fintech challengers have been able to grow and scale without the associated high IT infrastructure and development costs that would normally come with more traditional methods of software development.

Cloud-native technologies have an important role to play in providing the right conditions to make this happen. One of the key advantages is in speeding up development cycles by maximising the performance of cloud-based tools. Due to the high degree of abstraction that cloud-native architectures enable – using app services and serverless functions wherever possible, so that physical infrastructure isn’t something a business needs to maintain itself – new digital services can be developed and brought to market far more quickly.

Planning for the worst

These benefits aren’t just realised when developing new applications – if a business has to re-architect an existing application to extend functionality, for example, cloud-native development strategies have a big role to play. Container technology, such as Kubernetes, has allowed for organisations to take a modular approach to managing applications, enabling rapid deployment and updating across clouds.

But the consistent performance that a cloud-native environment can offer is only possible if the data upon which everything relies is protected properly. A simple misconfiguration, data breach or outage can cause huge disruption if services can’t be restored quickly. The unfortunate example of Travelex is just one incident of many of this kind, where a ransomware attack brought down its systems globally and disrupted the business for many months, leaving customers without means to access foreign currency. The attack’s impact was so severe it eventually pushed the company into administration. In the rush to adopt cloud-native technologies, and modern software development practices, rather than being baked-in, practical questions about resilience, disaster recovery, continuity planning and data protection can often take a back seat. For an industry that was the early adopter of IT, trading floor and back-office disaster recovery, and subject to FSA and PRA guidelines, such oversights have no excuse. Added to which, recent findings show little difference these days between ‘high-priority’ and ‘normal’ data, with 64% of the former and 58% of the latter having a data downtime tolerance of no more than one hour (Source: Veeam Data Protection Trends Report 2022).

Inadequate data protection could be disastrous for the digital transformation initiatives fintechs are trying to work through, and in fact undermine the benefits that cloud-native digital transformation can bring. 90% of IT leaders within financial services industry organisations admitted to a protection gap between how much data they can afford to lose after an outage, and how frequently that data is in fact backed up: this, according to the Veeam Data Protection Trends Report 2022. What adds complexity with a modern application development methodology is that each of the hundreds of microservices that can make up a cloud-native application often have their own independently managed database instance – making traditional backup applications fall short of the mark.

With applications and data now residing across physical, virtual, cloud and Kubernetes environments, and given the highly sensitive nature of the financial and other information being held by fintech organisations any infrastructure vulnerabilities and single points of failure must be eliminated. The Veeam Data Protection Trends Report 2022 also revealed that 44% of finance and insurance IT leaders consider the most important aspect of any enterprise backup solution is the breadth of workload it protects. Hardly surprising when 50% of respondents had ransomware outages in which 38% of data was unrecoverable, whilst 28% servers had at least one unexpected outage. Those in need of such expertise or resources are best advised to partner with an expert provider in Modern Data Protection with proven, specialist capabilities around cloud-native platforms and tools. With the rapid rate of development, deployment and change, such support must also be agile, flexible and adaptable. Vendor agnosticism and strategic vision should be sought.

The way IT powers our modern world has changed forever. Exciting microservices and cloud-native applications are driving down software development timeframes and enabling more innovation, more quickly in their bid to transform business models as they strive to meet shifting customer demand. Implementing a Modern Data Protection solution that can work across these new environments, and perhaps even anticipate the next evolution, is key. That way fintechs can remain confident that they can bring applications back online in the event of malicious incidents or human error, protect themselves and their customers against cyber threats, and easily roll back to earlier versions should something as simple as accidental deletion happen.

In the bid to move forward, no firm wants a lack of resilience to hold them back.