Public Cloud or Private? Banks Map a Path Towards Both

Print
Email
Reprints
Comments (2)
Twitter
LinkedIn
Facebook
Google+

Most banks know about the cloud, and many have even started to develop limited private clouds, leveraging the massive computing power of their internal data centers.

But Deutsche Bank (DB) and National Australia Bank are in the minority of banks actively strategizing about opportunities in the public cloud.

Though Deutsche Bank, of Frankfurt, said it began developing internal cloud computing capabilities in pieces starting about 2002, the external cloud represents its next frontier, and journeying there puts the bank face to face with the primary roadblocks all banks face when they think of moving computing beyond their own perimeters.

"We want a complete solution, it is not just the technology, it is an operating environment," Andrew Stokes, chief infrastructure architect for Deutsche Bank, said during a presentation at the Open Data Center Alliance Forecast 2012 in New York last week.

To get to that environment, Deutsche Bank, like every other bank, needs to resolve important security, transparency, management and regulatory issues; banks would also benefit if vendors providing cloud computing products and services would adhere to standards for use and access, Stokes said.

Security and regulatory issues are the most nettlesome for banks hoping to use a public cloud, experts say, because the cloud is a distributed environment. That means banks have to guard against their customer data moving into far-flung geographical regions, for compliance and regulatory reasons. Ensuring privacy and security of the data is also critical.

Once it's in the public cloud, "It's out of your control and more vulnerable to being accessed outside your environment," Mary Knox, a research director at Gartner, said.

About 13% of banks worldwide use the public cloud in some form, according to Gartner.

Primarily banks will use the public cloud for non-critical, non-core applications, such as marketing, back office applications that don't involve sensitive customer data, and potentially for check clearing and credit card processing, among other things, according to Accenture.

Half of the 204 banks surveyed by Gartner last year at Sibos said that security was their biggest concern with moving computing activities to the public cloud, followed by 37% who cited regulatory concerns.

Migration of applications is also a top concern, Stokes said.

While banks typically start small, even developing a private cloud within a bank can be extremely complicated, Knox said, because bank product lines are so famously siloed.

"Certain functionality is moved to a shared services layer within the bank, and this is positioned as the private cloud, and that is what we are seeing first," Knox said.

This drill rings true for banks that are in initial stages of moving computing networks to the cloud, like National Australia Bank, one of the largest banks in Australia with about $750 billion in assets. It first took baby steps toward the public cloud about four years ago, opening up its sales and marketing efforts by deploying Salesforce.com and Oracle CRM on Demand, said Denis McGee, general manager of application, development, and testing.

Now it's actively building an internal private cloud. By the end of the second quarter, it will roll out infrastructure on demand, McGee said, which can ramp up and down depending on customer demand for things like Web banking and other online services.

"We will be able to spin those extra servers up for more capacity as it is needed," McGee said.

Further movement to the public cloud is still many years away for NAB, McGee said. Part of the hold up for the bank is lack of a set of industry standards for applications, protocols and interfaces with hardware stacks, he said.

Deutsche Bank also started out by developing an internal private cloud, creating a flexible, adaptive computing environment, Stokes said, and a small distributed environment for IT as a service.

"We evolved from an IT support organization, putting two servers out there and two [operating systems] together, to shared hosting services in a simple container, and we packaged this with different [service level agreement] criteria and recovery criteria," Stokes said.

Deutsche Bank launched its first generation internal cloud in 2008, something it called 3CV, combining data storage, high performance blades and server virtualization, creating self-service portals, fast delivery and thin provisioning, Stokes said.

Since 2010, it's created a contained environment capable of ramping up 2,000 virtual machines from the bank's internal network at any given time.

But making the jump to the public cloud is extremely nettlesome, and for that Deutsche Bank has more questions than answers, though the bank will likely take a hybrid cloud approach that balances internal cloud capabilities with external cloud capacity.

Its wish list items for a public cloud environment include a system that is easy to manage, and one that can be provisioned, patched, upgraded and even retired, as Deutsche Bank would any enterprise system. Said virtualization will be critical. And so will the ability to create a system where routine business activities, such as straight-through processing, can be achieved on an industrial scale. Other goals are price transparency, the ability to pay on a per-use case, and the elasticity of applications, Stokes said.

"We want to be able to do repeatable processing at this industrialized scale … Applications need to grow and shrink, depending on what the business demand is, on a second by second basis, " Stokes said.

To achieve that, as yet another intermediate phase, Deutsche Bank will settle on a hybrid approach.

"What we are trying to do here is bring together the external cloud with our … highly optimized internal cloud services and the thousands of application we run inside a big, global investment bank," Stokes said

Together with members of the Open Data Center Alliance, a group that includes 280 companies including banks JPMorgan Chase (JPM), National Australia Bank and UBS (UBS), Deutsche Bank will drive $50 billion in increased spending on cloud services and storage, as well as $25 billion in cost savings annually, Stokes said.

JOIN THE DISCUSSION

(2) Comments

SEE MORE IN

'The Law Penalizes the Consumers It Set Out to Protect': Comments of the Week

American Banker readers share their views on the most pressing banking topics of the week. As excerpted from the Comments sections of AmericanBanker.com articles.

(Image: Fotolia)

Comments (2)
Just curious to know if in general banks regard virtualization 2.0 as a private cloud, or if they are looking at cloud platforms (such as Eucalyptus) for elastic resource orchestration? [Full disclosure: I work for Eucalyptus]
Posted by eric.choi | Monday, June 18 2012 at 11:56AM ET
Hi Eric:

Thanks for your comment. I'm not sure what you mean by virtualization 2.0, but one of my sources tells me that banks often mean different things when they talk about a private cloud. Banks may or may not be using vendor-supplied platforms, and in some cases a private cloud means a "SOA-compliant" shared services layer. I hope that helps.--Jeremy Quittner, American Banker
Posted by jeremy.quittner@sourcemedia.com | Monday, June 18 2012 at 2:52PM ET
Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.

The Most Influential Women in Payments

What does it take to lead in the still-mostly-male world of payments? This year's 20 Most Influential Women in Payments share stories about how they got to the top, their vision for the future of payments (hint: it's mainly mobile), and advice to other women working their way up the ladder.
DAILY ENEWSLETTER UPDATE

A Newsletter featuring Bank Technology News' top stories plus special reports and data

TWITTER
FACEBOOK
LINKEDIN
Already a subscriber? Log in here
Please note you must now log in with your email address and password.