Banks take to Cloud Computing

Article by Karan Kirpalani



“We will never buy another datacenter,” said Michael Harte, CIO of Commonwealth Bank of Australia, to the Committee for Economic Development in Australia. “We will never buy another rack or server or storage device or network device again,” Harte continued. “I will never let any organization that I work for get locked into proprietary hardware or software again. I’ll never tell my teams in the business that it will be weeks to get them hardware provision. I’ll never pay up front for any infrastructure and certainly would never pay for any, or rent any, infrastructure that I would never use.”

These comments capture the two biggest benefits that cloud computing bring to the current generation of banks:

  • The ability to provision computing capacity, storage, network bandwidth, etc., on demand
  • The flexibility of the pay-as-you-use model

The bottomline is that cloud computing services provide banks with a great degree of agility within a reasonable cost structure. This in turn allowsbanks to create new products and services, speed up time to market and provide better services to theircustomers. At the same time, the virtualization aspect of cloud computing drivestheir costs down, thereby helping them improve their profitability.

Anyways, despite its wide-ranging benefits, not every banker is convinced of the benefits of cloud computing, especially when it comes to answering security and regulatory questions. And there are many who are not quite sure what cloud computing is.

So what is Cloud Computing?

No universally accepted definition exists for cloud computing. But this is how Wikipedia defines it: “Cloud computing is Internet-based computing, whereby shared resources, software and information are provided to computers and other devices on demand, like the electricity grid.”

In simple terms, cloud is a style of computing based on the Internet that allows customers to pay for exactly the resources and infrastructure they use.Its characteristics include lack of an up-front capital requirement, shared service delivery over the Internet and pay for use.

And what keeps the bankers worried?

For all the benefits that cloud computing can provide to banks, security and data privacy remainprime concerns for bankers contemplating a move to this platform. They fear having their data ‘in the cloud’, especially given that thecloud works as a multi-tenancy structure. This is what concerns the bank CIOs the most – that that their precious and mostly sensitive data could be stolen orcompromised by hackers, mixed with data fromtheir service providers’ other tenants, or releasedby mistake.

This fear is thesingle greatest hurdle that banking leaders mustovercome to build trust and gain the benefits from cloud computing.

Riding the cloud

There is no doubt that despite its popularity and the business benefits it brings along, it will still take time for banks to make the move to cloud computing. Top executives in banks are still grapplingwith its risks, possibilities, and the cost of writingoff current IT investments. Not to forget the sticky issue of integrating existing legacy applicationsthat will remain in house with those sent to thecloud is one that needs to be addressed.

Then of course, security is a major and legitimate concern. However, it is seen that cloud computing providers are investing in capabilities that will allow them to adhere to higher standards of security and data protection.

The important thing for bank executives to remember is that cloud computing is a journey,not a destination, and that it alone does not render sustainable competitive advantage.

Below is a checklist that can help banks to evaluate this new innovative technology before hopping onto it:

  • Determine the business functions that might be suitable for different cloud environments and classify your information assets by sensitivity
  • Establish a robust and comprehensive set of requirements specific to the lines of business and those specific business functions the bank will operate in a cloud environment
  • Develop detailed governance processes including goal setting, policy and standard development, audit rights, frequent steering committee meetings, and clear escalation procedures
  • Establish a protocol that allows the financial services firm to identify where its infrastructure and data are situated, both technologically and operationally
  • Consider not only the service provider’s capabilities regarding robustness of information security, but also how readily your firm’s information is able to be retrieved in the event of an auditor natural disaster
  • And, tune your bank’s internal policies to address the demands involved in the purchase and utilization of cloud computing services

So, is your bank on the cloud? If not, what makes you wait?