As cloud computing have moved from nice-to-have to must-have for financial institutions managing their data, cloud neutrality became a big concern.
Firms don’t want to be beholden to just one cloud services provider to handle their data and applications. What problems and choices does this pose? Is it a firm’s responsibility to have automation and cloud agnostic tools in place, such as CI/CD – continuous integration and deployment –, or should that be the responsibility of their service providers?
In this article, we’ll take a 50,000 foot view and discuss what it means to be cloud neutral, why it’s important, the challenges for financial firms and providers of cloud-based financial services solutions alike, and what are the benefits.
What does it mean for a data management solution’s provider to be cloud neutral?
Being cloud neutral means that your software is not dependent on, or tied to, one particular cloud service provider. For example, as a solution provider of a data management solution, let’s say you have deployed a data management system on Google Cloud Platform (GCP) for a financial firm – you’ve set-up the solution, configured rules and workflows within and around it, and your customer’s up/downstream systems and data feeds are connected to it. Being cloud neutral means that at your customer’s request you can as easily set-up or switch that environment into a different cloud services provider, such as Amazon Web Services (AWS). This is much easier said than done, of course, but that is what it means for a solutions vendor such as GoldenSource to be cloud neutral.
What are the challenges of cloud neutrality?
The challenge for firms seeking cloud neutrality for their data operations is to figure out if they can – on their own – continuously integrate the latest cloud services in an agnostic way. While large buy-side firms and large banks have more flexibility and can take time to assess their cloud use and cloud platform choices, smaller firms cannot – and once a firm has an arrangement in place, it may get very complicated to unwind it or take it away.
In addition, trying to have the utmost flexibility on one’s own can get expensive due to public cloud pricing model. This is especially true if a firm is locked in to a commitment to a fixed capacity on a monolithic cloud server, where any overage to cope with a spike in data means charges for going over capacity.
While security concerns regarding cloud data management have been mitigated in recent years, security is still of paramount importance. Keeping their client data confidential while facilitating cloud computing, as well as adhering to compliance requirements around the data, will always be a prerequisite – and while the firms themselves have extensive security tools to protect their data, a firm may need a different set of security tools for each cloud data services provider it uses. In this respect, a firm would need to limit how many security providers it had to use to get necessary economies of scale.
Finally, handling all of these data-related operations functions and automation integration – and making them compatible with every other part of the firm’s functions – is a tall order.
Why is cloud neutrality important for financial markets participants and solutions vendors?
For larger financial groups, distributing a system landscape among several of the major cloud services providers, such as AWS, GCP or Microsoft Azure, prevents being beholden to any one provider. It dilutes catastrophic ‘single point of failure’ cyber risk and provides the opportunity to benefit commercially from the natural competition between providers vying for a larger slice of the pie.
Solutions vendors, whilst perhaps having a preference among the cloud services providers, often based on the compatibility and ease of using their tooling for setting up and maintaining environments, need to be able to run their software and provide their services with the cloud provider of their customer’s choice. This solution generally provides more optimized integration with cloud provider. However, there is significant interoperability stemming from the architecture of cloud services, so the vendor of software-as-a-service (SaaS) doesn’t need to run their applications on the same cloud provider as the client receiving the services.