There is a big debate in the industry over which use cases belong in public clouds. We decided to explore the arguments in our recent research looking into public cloud projects in banks.
Across the world, regulators and authorities recognise the trend towards cloud outsourcing in banks. Most recently, the EBA – following the example of other countries such as Singapore – ran a consultation in Europe with a view to providing guidelines on how banks should supervise cloud environments. However, it seems the industry still remains uncertain about which use cases are best for public cloud projects. The resulting guidelines from the EBA do not specify use case recommendations – something which half of the interviewees in our research preferred. So, without formal guidance, will the banks take different paths with regards to which use cases they move to public clouds?
Overall, there is reticence to move PII and sensitive tier one information to public clouds, such as a banks’ financial statements and results. Over half of the interviewees felt that tier one data and PII should not be prioritised for public clouds.
While reluctant to prioritise tier one information for public clouds, there is a tendency towards prioritising risk-related use cases, such as Market Risk and Counterparty Risk to public clouds. For example, over half of respondents believe use cases involving real-time or fast-moving data, requiring a lot of processing power, should be prioritised for public clouds. By implication, certain risk use cases fit this profile.
Risk use cases are huge consumers of infrastructure – banks often have thousands of servers that run grid-compute, meaning they are a good use case for public clouds. If a regulator asks a bank to run more stress scenarios, it can be more elastic and deploy an extra 500 or so servers in the public cloud.
There will be deliberate ‘baby steps’ while banks get to grips with pending regulations. To sidestep the regulations, use cases that do not involve certain data types, such as tier one information, will be prioritised as the perfect ‘guinea pigs’ in the next two years, like risk use cases.
To read our research into the state of public clouds in banks, please click here.