Nascent Cloud Security Drives Hybrid Strategies
"Standardization and things like compliance are very nebulous in the cloud environment right now, especially on the public cloud side," says Iran Hutchinson, product manager at integration software provider InterSystems, who participated in a recent panel discussion at the Waters Power event last week in Manhattan, hosted by sibling publication Waters. "Our customers prefer the private cloud providers because the clients have full control over their infrastructure and can perform SAS 70 audits."
Knowing where a data trail ends in terms of auditing and logging is a major concern, says panelist Vijay Luthra, head of infrastructure at Artio Global Investors. Such issues have led his firm to work with more SAS 70-compliant providers than public cloud providers. "Their service level agreements (SLAs) define where exactly the data is sitting and what type of data is sitting with them," he explains. "There is a lot more control and we have warmed up to SAS 70-compliant applications. We currently are using Salesforce.com and a service management platform called Service-now.com."
Panel moderator Tsvi Gal, general partner at Exigen Private Equity, asked whether it is fair to expect public cloud providers to open their doors to legions of third-party auditors.
"Anyone who wants to provide a cloud environment to a large Wall Street firm is going have to understand that we are one of the most, if not the most, regulated industries on the planet," says Michael Ryan, senior architect and director at Bank of America Merrill Lynch (BAML). "Most of the providers get that."
To leverage the benefits of public cloud computing, firms need to adopt a hybrid approach of incorporating private as well as public infrastructure, according to Hutchinson. "The non-critical things tend to wind up on the cloud while the critical thing are pulled in-house."
Before BAML moves into any hosted environment, everyone in the firm's enterprise information management, risk organization and legal department must know what data is going to be stored in the environment and who will have access to it at all times, says Ryan. "You need to have that arrangement up front with the provider," he adds.
The bank divides its data between proprietary data, which it uses to run the bank, and confidential data, such as client records. "The difference between the two is that if there is a breach of proprietary information, it is reported in the pages of technology publications. If it is a breach of confidential information, it winds up on the front page of the The New York Times and The Wall Street Journal. We are not at the point where we will put confidential information on the cloud," says Ryan.
Although public clouds might not be ready to host mission-critical applications and data, the panelists agree that public clouds provide a good environment for grid computing and hosting of development environments.
"Development environments don't have the same regulatory requirements of a production environment," says Ryan. "It is simpler and cheaper to spin up a virtual environment in a matter of minutes, hours or days compared to procuring new hardware every time a new project comes along," he adds.
However, those savings aren't always guaranteed, adds Artio's Luthra. "We analyzed what would happen if we moved our development environment to an external cloud environment so that we could shut it down on Friday nights and bring it up Monday mornings. We found it was much cheaper for us to host it internally because we have certain internal IT capabilities, expertise and staff that makes it more cost effective to keep it internal."
Rob Daly
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Trading Tech
Recent volatility highlights tech’s vital role in fixed income pricing
MarketAxess’ Julien Alexandre discusses how cutting-edge technology is transforming pricing and execution in the fixed income market amid periodic bouts of volatility
Banks fret over vendor contracts as Dora deadline looms
Thousands of vendor contracts will need repapering to comply with EU’s new digital resilience rules
Where have all the exchange platform providers gone?
The IMD Wrap: Running an exchange is a profitable business. The margins on market data sales alone can be staggering. And since every exchange needs a reliable and efficient exchange technology stack, Max asks why more vendors aren’t diving into this space.
This Week: Trading Technologies completes ANS deal; State Street; Equinix; and more
A summary of the latest financial technology news.
Interactive Brokers looks beyond US borders for growth opportunities
As retail trading has grown in volume and importance, Interactive Brokers and others are expanding international offerings and marketing abroad.
JP Morgan’s goal of STP in loans materializes on Versana’s platform
The accomplishment highlights the budding digitization of private credit, though it’s still a long road ahead.
As data volumes explode, expect more outages
Waters Wrap: At least for those unprepared—though preparation is no easy task—says Anthony.
This Week: ICE Bonds and MarketAxess plan to connect liquidity networks, TS Imagine, Bloomberg, and more
A summary of the latest financial technology news.