Adam Binks, CEO, SysGroup
Historically, financial institutions and the cloud had a very simple relationship, which was the absence of one altogether. At its conception, the connected, third-party concept of the cloud appeared to be at odds with the principles of financial security and, therefore, the two were viewed as incompatible.
On face value, the logic follows and even the most progressive IT head will have been hesitant to put it to the test. But dig a little deeper and it becomes apparent that the cloud is not inherently less secure than an on-premise ecosystem. Yes, cloud providers and on-premise setups should be judged on their individual merits, but, on the whole, the cloud now offers financial institutions more peace-of-mind and opportunity than an on-premise ecosystem can.
The reason for this, in short, is that cloud technology has matured, been proven and become broadly accepted. As cloud technologies have become more a part of the fabric of our connected world, organisations have become more comfortable with them. No-one would suggest that cloud services can’t be hacked, but nor would they about poorly patched on-premise ecosystems.
To some extent, getting to this point has simply been a matter of time. The years have shown that, if properly implemented, there’s no reason the cloud can’t form part of an effective and secure IT system for financial organisations. The cloud has become acceptable because time has shown it to be so.
In addition, though, cloud technologies are more robust and reliable today than ever before. Years of honing cloud services in the face of security concerns have led cloud providers to address precisely those issues.
Now consider how the expertise and experience of cloud providers stack up against those of internal IT departments at financial organisations. It should be obvious that years of each typically working with a range of clients in different industries has generally given cloud providers a broader and deeper understanding of the security issues at play.
Of course, the financial industry has its own specific areas that must be addressed – like PCI-DSS compliance and increased protection for sensitive personal data – but there’s no reason a cloud provider with expertise in these areas can’t address them any better than an on-premise department. In fact, I’d argue that the best approach is a partnership approach, in which financial organisations can draw upon the specialist skills of cloud providers to design, deploy and manage ecosystems that are informed by their own depth-of-knowledge of the industry.
Fundamentally, it boils down to this: if data is better protected by or working with a third-party cloud provider rather than just internally, then it should be.
Perhaps the biggest limitation of an on-premise ecosystem is the potential – or more accurately the lack thereof – for scaling activity. Assuming financial organisations can be confident that cloud security can be as good if not better than on-premise security, the next question is what opportunity each offers with the data that is held.
Here, something becomes apparent very quickly. It is no longer just data that is proliferating at a huge rate, but the extent to which we’re seeking to extract value from it. The analysis of data creates more data in itself and that needs server space that cloud providers can bring online for financial organisations in a way that can’t be done on-premise.The ability to pay for more cloud space as and when it is required rather than having to plan ahead for on-premise deployments absolutely fits with the need for this more agile approach.
An organisation’s data and what is done with it is a major part of any competitive advantage that can be forged in today’s digital world. Anything that limits that puts an organisation at risk of falling behind its competitors.
In a similar way, on-premise departments with potentially proprietary solutions for security are limited by the pace at which they can adapt to an ever-changing competitive environment. As new security risks, trends and opportunities come to light, cloud providers – with more varied expertise, perhaps more varied technology to draw on in-house and more scope for fast scaling – can accommodate them more quickly.
Organisations that can adapt more quickly have an inherent competitive advantage. What’s more, as the pace of technological change quickens, that advantage becomes more pronounced.
Broad as the brush-strokes may sound, scale and flexibility are borne out as the driving reasons behind many financial organisations as they choose to move to the cloud. This was certainly the case with the reinsurance software specialist Sequel Business Solutions, whose existing sub-contracted, on-site IT resource was found to be limiting its opportunity for growth. Its decision to move to the cloud freed up its own IT staff to focus on more strategic work and delivered a more adaptable IT function.
Financial organisations must consider whether the perceived benefits of an on-premise ecosystem outweigh those that can be offered by third-party cloud providers. If, ultimately, the only downside of the cloud is the public perception of third-party involvement, then, really, it’s a matter of changing that perception. As with other industries, financial organisations will come around to the idea that the cloud isn’t no longer just the right option, but increasingly the only reasonable, cost-effective and reliable option.