the-best-way-to-go-‘all-in’-on-cloud

The best way to go ‘all in’ on cloud

Banks are finally realizing that cloud offers a lot of benefits they can’t replicate in their own data centers. But lock-in with one vendor has its own risks.




The best way to go ‘all in’ on cloud

Mehmet Hilmi Barcin / Getty

In 2015 Capital One CIO Rob Alexander took the AWS re:Invent stage to declaim the company’s independence from its traditional data centers, shifting instead to a reliance on AWS to run its infrastructure. The company went from eight data centers in 2014 to five in 2016 to three in 2018. In late 2020, the company announced that its journey to truly being “all in” on the public cloud was complete. The move away from running its own infrastructure, however, didn’t mean it sent engineers looking for new jobs. The opposite, in fact. Even as the company shifted to public cloud, it more than doubled the number of technical employees on its payroll, roughly 85% of whom are engineers.

Just as it had envisioned in 2015, Capital One was now a tech company that happened to build banking applications, rather than a bank that happened to dabble in tech.

Capital One is the exception not the rule when it comes to banks jumping into the cloud. Yes, it’s not hard to find financial services companies embracing cloud to speed innovation (see Google Cloud, AWS, and Microsoft Azure customer case studies). But it is difficult to find Capital One-esque “all in” examples, be it to a single cloud provider or multicloud. This is starting to change, as Gartner Analyst Lydia Leong recently highlighted. At long last, “banks are accelerating their cloud journeys.”

But where they end those journeys could make a huge difference.

A long time coming

We’ve been talking about this shift to public cloud for what seems like eons. I wrote in 2015 that “The mega-clouds are coming for your data center,” and they were, but we saw the equivalent of toe-dipping rather than diving in headfirst. Why?

Well, all the obvious concerns come to mind, security foremost among them. Banks stubbornly held to their view that only they could safeguard sensitive customer data—until the day they realized that, in fact, the cloud providers were better at security. In his 2015 re:Invent keynote, Alexander called this out, arguing that AWS could better secure his workloads than his own team, despite Capital One having highly qualified security professionals on staff. The other banks may have taken longer to reach this same conclusion, but they’re getting there now.

As Leong wrote in a research note, “The long-held adage that ‘banks might put new systems of innovation or systems of engagement in the cloud, but they’ll never move core banking’ is crumbling.” Not only do they trust the public clouds more, but they don’t really have a choice. As Leong stressed in her research note, app modernization is the top reason banks are accelerating their cloud journeys, with total cost of ownership, greater agility, and improved data security as other top drivers. As I and others have pointed out, digital transformation hit overdrive during the pandemic as enterprises of all kinds, including banks, realized that they wouldn’t survive if they kept plodding along old IT paths.

Importantly, although Capital One was early with an “all in on AWS” strategy, most banks tend to be multicloud, notes Leong. The bigger the bank, the more likely they’re multicloud, with AWS the first choice among the largest banks and Azure dominating midmarket banks (according to Leong’s anecdotal impression). Although “multicloud” is often more incidental than intentional, she stresses that “banks are making the transition to a more systematic approach to multicloud, … building workload placement policies to guide where workloads should go.”

This is both good and bad.

New risks

According to Leong, “Banks worry about cloud concentration risks [because] many banks face regulatory regimes that require them to address concentration risk.” While this sounds great (freedom from lock-in!), the very attempt to have apps be portable across clouds minimizes the benefits of going to the cloud in the first place. (Building in that portability increases costs and lowers flexibility, something I found at a previous employer when we shifted between clouds.)

Trying to maintain portability also pushes banks toward a “plain vanilla” approach to cloud computing that may obviate the biggest benefits of building on a particular cloud. But balanced against those concerns is a prickly point that InfoWorld Columnist David Linthicum singles out: “If a client told me that they were going with a single public cloud provider, my concern would not be risk of lock-in with that provider in terms of outages, price gouging, or even going out of business. It would be more about limiting themselves to solutions found in the ‘walled garden’ of a single cloud provider.”

Going all in on AWS is great for a number of reasons for Capital One, but it also locks them out of better machine learning, database, analytics, or other options on a different provider. As Linthicum expresses, companies risk “not being able to leverage the best solutions across cloud providers and ending up with an underoptimized architecture.”

“Multicloud has much disaster recovery value,” he continues, but the real multicloud value is in picking the best tools for the workload at hand. Hence, as banks (and others) move to public cloud, they’d be wise to think of ways to enable their teams to tap into the best innovations a particular cloud provider offers while not shackling themselves to any one cloud. For example, one promising strategy is to ensure their data layer spans multiple clouds so they can use data from an application running in one cloud and analyze that data on another cloud, pairing compute from one provider with the analytics of another.

This sort of approach allows an enterprise to tap into the strengths of each cloud. For banks that are just now reaching the conclusion that they need to move to the cloud quickly, they’d do well to ensure they’re maximizing freedom in the cloud.

Matt Asay runs evangelism at MongoDB.

Copyright © 2021 IDG Communications, Inc.