SlideShare a Scribd company logo

Are banks ready for the cloud?

Chris Skinner
Chris Skinner

This document discusses banks transitioning to cloud computing. It begins with a brief history of computing and the rise of cloud services. It then examines types of cloud including public, private, community and hybrid models. It outlines key risks for banks related to control, security, data location and exit strategies. It emphasizes the need for banks to retain expertise and control over critical functions. The document also discusses standards for cloud management and the importance of planning for transitioning data and services to and from the cloud. It stresses regularly exercising exit plans to ensure continuity of services and data. Overall the document provides guidance for banks on effectively adopting cloud technologies while managing risks.

BusinessTechnology
1 of 17
Are Banks ready for the Cloud? Paul Hinton PAUL.HINTON@KEMPLITTLE.COM +44 (0)20 7710 1623
Prediction is very difficult, especially about the future…” services Mid ‘60s to early ‘80s: IBM heyday ‘80s: rise of the PC ‘90s to mid-00’s: Wintel heyday Mid ‘00s onwards: Google heyday Utility Computing The rise of service based computing Cloud Computing SaaS ASP adoption internet Outsourcing ITO LPO, etc 2000s onwards: broadband replaces dial up internet 1995: Netscape IPO ; Bill Gates’ ‘Internet tidal wave’ memo software hardware BPO 1969: the software industry is born as IBM unbundles hardware & software 1940s: Adoption of programmable computer 1940s 1957: IBM introduces FORTRAN programming language 1950s 2001: .com bust 1981: Microsoft develops MS-DOS 1970: UNIX released by AT&T 1964: IBM introduces System 360 computer family 1960s 2004: Google, salesforce.com IPOs; ‘web 2.0’ coined 1971: Intel 4004 – the first microprocessor developed 1970s 1990: 1985: Microsoft open 1993: launches source Linux Windows 3.0 FSF set up 1981: IBM ‘90s: rise of launches PC laptops 1980s mid ‘00s onwards: open source (OSS) in the mainstream ‘00s: rise of PDAs 1984: Apple Mac launched 1990s 2000s 2008: Google Chrome, Microsoft Windows ‘in the Cloud’ (Azure) launched 2007: IPO of hypervisor developer VMware ‘anytime anywhere’ devices 2010s Smartphones iPad, etc
Types of Cloud Custom Private Cloud Private Cloud Community Private Cloud User Z Virtual Private Cloud Provider X Managed Company B Company A Company A Company A Company A Company B Open Public Company A Closed Private Public Cloud Owner Company Provider Provider Provider Operator Company Provider Provider Provider Provider Service Access Closed Closed Closed Limited group Open Level of Control Full High High Low None Security/Location As selected by Company As selected by Company As selected by Company As described by Provider As described by Provider Legal Terms _3 Company Bespoke Bespoke Negotiable but clear impact on price changes Limited outside of standard agreed terms Standard terms only – non-negotiable
Cost savings of Public v Private Cloud _4
Company A Custom Private Cloud _5 Managed Private Cloud Provider X Provider X Trading , Customer, sensitive , regulated, valuable time- critical data Lower value, unregulated, not time critical data Company A Virtual Private Cloud Community Private Cloud User Z User Z What are you using the cloud for? Public Cloud
SYSC Rule 8 Material Outsourcing PRA/FCA Control  (2) establish methods for assessing the standard of performance of the service provider;  (3) supervise and adequately manage the risks associated with the outsourcing;  (5) the firm must retain the expertise to supervise the outsourced functions and to manage the risks associated with the outsourcing ,and must supervise those functions and manage those risks;  (7) the firm must be able to terminate the arrangement for the outsourcing where necessary without detriment to the continuity and quality of its provision of services to clients;  (8) the service provider must co-operate with the relevant competent authority in connection with the outsourced activities;  (9) the firm, its auditors, the relevant competent authority must have effective access to data related to the outsourced activities, as well as to the business premises of the service provider; and must be able to exercise those rights of access;  (10) the service provider must protect any confidential information relating to the firm and its clients;  (11) the firm and the service provider must establish, implement and maintain a contingency plan for disaster recovery and periodic testing of backup facilities where that is necessary having regard to the function, service or activity that has been outsourced. _6
Cloud Risks  Potential loss of control –retain sufficient control over critical data and services  Availability and access to Data – what if the internet is down? Normally a customer risk  Data Security - Adequate security measures in place and can you monitor them?  Data location – Data Protection – tougher regulation 2015 – Keeping track of exact location of Data – Customer consent?  Global law, tax and regulation  Auditing – Both rights for customer and Regulator – Distinction between effective access to data and premises?  Exit - Can you and if so how quickly/safely to ensure certainty of service and data transfer _7
FS Enabled Cloud: Cloud management standards vApp vCloud Nimbus _8 Open Cloud Standards Incubator OVF
FS Enabled Cloud  Increasing awareness and sophistication of banks in utilising cloud  Software tools to increase control over data and security of data in cloud  Cloud providers offering: –Services –higher levels of control: security, audit, geographic control and availability designed to meet bank requirements _9
Transitioning to the Cloud JIM ODELL JIM.ODELL@KEMPLITTLE.COM +44 (0)20 7710 1607
Mastering a hybrid IT environment High performance companies are adopting mixed cloud and traditional IT systems much more quickly than their lower performing competitors Accenture survey “High Performance IT Research November 2013” _11
Transitioning to and from the cloud Just another form of outsourcing? Outsourcing procurement rule number one : Never outsource unresolved problems Cloud is just another outsourced managed service: - In a private cloud or managed service, - the infrastructure may be shared, and the resources can live anywhere, but process and storage resources are dedicated to your needs. - In a public cloud structure - you don't really know where your services are, or who is managing it. You buy access to resource or an application, normally on a pay as you use basis.. _12
Transitioning to and from the cloud  Standards - Make sure that you understand the data protection, ETSI, TOSCA and other standards that you need to consider.  Intellectual Property - Cloud services also have unique third party IP, audit and data usage issues which may well require re-evaluation of existing software agreements _13
Transitioning to and from the cloud Rule number two: Retain the ability to manage your supplier and your resources Supplier Management Issues:  Make sure your IT team have a strong grasp of the supplier and his support organisation  Ensure the users and their leadership enjoy the same service levels delivered by in house applications or resources  Ensure your supplier understands the security, data access and portability, IP, risk and regulatory issues that are specific to you 14
Transitioning to and from the cloud Rule number three: Review and manage your data before transitioning to cloud  Big Data –keep what’s needed, delete the rest  Big Data Storage is low cost, but big data can mean big storage bills.  Retain control over data in cloud to ensure not storing unnecessary things for ever (Cost + DP compliance + risk!) – Data Categories - Some data can go in public cloud - Some can only go into private cloud - Some can never leave the building _15
Transitioning to and from the cloud Rule Number four: For good or bad, plan for exit: Post negotiation, make sure that you have a detailed transition support plan. Identify and address key risks around porting of services to your supplier And  Monitor your suppliers’ ability to meet clear exit arrangements should this be needed and make sure that you exercise that plan on a regular basis. Make sure that your IT and user departments (and their leadership) understand the implications of change _16
Mastering a hybrid IT environment High performance companies are adopting mixed cloud and traditional IT systems much more quickly than their lower performing competitors Accenture survey “High Performance IT Research November 2013” _17

Recommended

Bitcoin and cryptocurrencies fs club final - public
Bitcoin and cryptocurrencies fs club final - publicBitcoin and cryptocurrencies fs club final - public
Bitcoin and cryptocurrencies fs club final - public
Chris Skinner
 
IEEE Cloud Communications April 2015
IEEE Cloud Communications April 2015 IEEE Cloud Communications April 2015
IEEE Cloud Communications April 2015 Tracy Venters
 
OpenBrighton - The Cloud and your business
OpenBrighton - The Cloud and your businessOpenBrighton - The Cloud and your business
OpenBrighton - The Cloud and your business
Omnis Systems
 
Social Network Telecommunications
Social Network TelecommunicationsSocial Network Telecommunications
Social Network Telecommunications
Laurel Papworth
 
Disruptive Analysis at Comptel Nexterday -10 telecom myths
Disruptive Analysis at Comptel Nexterday -10 telecom mythsDisruptive Analysis at Comptel Nexterday -10 telecom myths
Disruptive Analysis at Comptel Nexterday -10 telecom myths
Dean Bubley
 
Disruptive Analysis - Telecoms Futurism
Disruptive Analysis - Telecoms FuturismDisruptive Analysis - Telecoms Futurism
Disruptive Analysis - Telecoms Futurism
Dean Bubley
 
WebRTC Asia Forum - What's Next for WebRTC in Asia - Dean Bubley, Disruptive ...
WebRTC Asia Forum - What's Next for WebRTC in Asia - Dean Bubley, Disruptive ...WebRTC Asia Forum - What's Next for WebRTC in Asia - Dean Bubley, Disruptive ...
WebRTC Asia Forum - What's Next for WebRTC in Asia - Dean Bubley, Disruptive ...
Dean Bubley
 
Case Studies on Telecom Open Source, Paul Drew, Metaswitch Networks
Case Studies on Telecom Open Source, Paul Drew, Metaswitch NetworksCase Studies on Telecom Open Source, Paul Drew, Metaswitch Networks
Case Studies on Telecom Open Source, Paul Drew, Metaswitch Networks
Alan Quayle
 

Recommended

Bitcoin and cryptocurrencies fs club final - public
Bitcoin and cryptocurrencies fs club final - publicBitcoin and cryptocurrencies fs club final - public
Bitcoin and cryptocurrencies fs club final - public
Chris Skinner
 
IEEE Cloud Communications April 2015
IEEE Cloud Communications April 2015 IEEE Cloud Communications April 2015
IEEE Cloud Communications April 2015 Tracy Venters
 
OpenBrighton - The Cloud and your business
OpenBrighton - The Cloud and your businessOpenBrighton - The Cloud and your business
OpenBrighton - The Cloud and your business
Omnis Systems
 
Social Network Telecommunications
Social Network TelecommunicationsSocial Network Telecommunications
Social Network Telecommunications
Laurel Papworth
 
Disruptive Analysis at Comptel Nexterday -10 telecom myths
Disruptive Analysis at Comptel Nexterday -10 telecom mythsDisruptive Analysis at Comptel Nexterday -10 telecom myths
Disruptive Analysis at Comptel Nexterday -10 telecom myths
Dean Bubley
 
Disruptive Analysis - Telecoms Futurism
Disruptive Analysis - Telecoms FuturismDisruptive Analysis - Telecoms Futurism
Disruptive Analysis - Telecoms Futurism
Dean Bubley
 
WebRTC Asia Forum - What's Next for WebRTC in Asia - Dean Bubley, Disruptive ...
WebRTC Asia Forum - What's Next for WebRTC in Asia - Dean Bubley, Disruptive ...WebRTC Asia Forum - What's Next for WebRTC in Asia - Dean Bubley, Disruptive ...
WebRTC Asia Forum - What's Next for WebRTC in Asia - Dean Bubley, Disruptive ...
Dean Bubley
 
Case Studies on Telecom Open Source, Paul Drew, Metaswitch Networks
Case Studies on Telecom Open Source, Paul Drew, Metaswitch NetworksCase Studies on Telecom Open Source, Paul Drew, Metaswitch Networks
Case Studies on Telecom Open Source, Paul Drew, Metaswitch Networks
Alan Quayle
 
Clearing and Settlement Working Group Meeting, March 2013
Clearing and Settlement Working Group Meeting, March 2013Clearing and Settlement Working Group Meeting, March 2013
Clearing and Settlement Working Group Meeting, March 2013Chris Skinner
 
Foredrag fsc 5mars2014
Foredrag fsc 5mars2014Foredrag fsc 5mars2014
Foredrag fsc 5mars2014
Chris Skinner
 
Life's a glitch
Life's a glitchLife's a glitch
Life's a glitch
Chris Skinner
 
Social Media in Nordea Group
Social Media in Nordea GroupSocial Media in Nordea Group
Social Media in Nordea Group
Chris Skinner
 
Why distributed ledgers
Why distributed ledgersWhy distributed ledgers
Why distributed ledgers
Chris Skinner
 
Joachim von Haenisch, CEO of KYC-Exchange
Joachim von Haenisch, CEO of KYC-ExchangeJoachim von Haenisch, CEO of KYC-Exchange
Joachim von Haenisch, CEO of KYC-Exchange
Chris Skinner
 
Digital bank latest - october
Digital bank latest - octoberDigital bank latest - october
Digital bank latest - october
Chris Skinner
 
Presentation from BKM, Turkey
Presentation from BKM, TurkeyPresentation from BKM, Turkey
Presentation from BKM, Turkey
Chris Skinner
 
Innovación Digital, Fintech, Bitcoin y Blockchain
Innovación Digital, Fintech, Bitcoin y Blockchain Innovación Digital, Fintech, Bitcoin y Blockchain
Innovación Digital, Fintech, Bitcoin y Blockchain
Alan Colmenares
 
State of the blockchain markets, july 2016
State of the blockchain markets, july 2016State of the blockchain markets, july 2016
State of the blockchain markets, july 2016
Chris Skinner
 
Startup turkey
Startup turkeyStartup turkey
Startup turkey
Chris Skinner
 
Presentación sobre Bitcoin
Presentación sobre BitcoinPresentación sobre Bitcoin
Presentación sobre Bitcoin
CEU
 
Digital Bank, May 2014
Digital Bank, May 2014Digital Bank, May 2014
Digital Bank, May 2014
Chris Skinner
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
AchSulav
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
AchSulav
 
Indonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isvIndonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isv
Pandu W Sastrowardoyo
 
Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challenge
xKinAnx
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computing
Hossam Zein
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Kresimir Popovic
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
CompTIA UK
 
ISACA Cloud Computing Risks
ISACA Cloud Computing RisksISACA Cloud Computing Risks
ISACA Cloud Computing Risks
Marc Vael
 
ERP Implementation Services UK
ERP Implementation Services UKERP Implementation Services UK
ERP Implementation Services UK
Arcus Universe Ltd
 

More Related Content

Viewers also liked

Clearing and Settlement Working Group Meeting, March 2013
Clearing and Settlement Working Group Meeting, March 2013Clearing and Settlement Working Group Meeting, March 2013
Clearing and Settlement Working Group Meeting, March 2013Chris Skinner
 
Foredrag fsc 5mars2014
Foredrag fsc 5mars2014Foredrag fsc 5mars2014
Foredrag fsc 5mars2014
Chris Skinner
 
Life's a glitch
Life's a glitchLife's a glitch
Life's a glitch
Chris Skinner
 
Social Media in Nordea Group
Social Media in Nordea GroupSocial Media in Nordea Group
Social Media in Nordea Group
Chris Skinner
 
Why distributed ledgers
Why distributed ledgersWhy distributed ledgers
Why distributed ledgers
Chris Skinner
 
Joachim von Haenisch, CEO of KYC-Exchange
Joachim von Haenisch, CEO of KYC-ExchangeJoachim von Haenisch, CEO of KYC-Exchange
Joachim von Haenisch, CEO of KYC-Exchange
Chris Skinner
 
Digital bank latest - october
Digital bank latest - octoberDigital bank latest - october
Digital bank latest - october
Chris Skinner
 
Presentation from BKM, Turkey
Presentation from BKM, TurkeyPresentation from BKM, Turkey
Presentation from BKM, Turkey
Chris Skinner
 
Innovación Digital, Fintech, Bitcoin y Blockchain
Innovación Digital, Fintech, Bitcoin y Blockchain Innovación Digital, Fintech, Bitcoin y Blockchain
Innovación Digital, Fintech, Bitcoin y Blockchain
Alan Colmenares
 
State of the blockchain markets, july 2016
State of the blockchain markets, july 2016State of the blockchain markets, july 2016
State of the blockchain markets, july 2016
Chris Skinner
 
Startup turkey
Startup turkeyStartup turkey
Startup turkey
Chris Skinner
 
Presentación sobre Bitcoin
Presentación sobre BitcoinPresentación sobre Bitcoin
Presentación sobre Bitcoin
CEU
 
Digital Bank, May 2014
Digital Bank, May 2014Digital Bank, May 2014
Digital Bank, May 2014
Chris Skinner
 

Viewers also liked (13)

Clearing and Settlement Working Group Meeting, March 2013
Clearing and Settlement Working Group Meeting, March 2013Clearing and Settlement Working Group Meeting, March 2013
Clearing and Settlement Working Group Meeting, March 2013
 
Foredrag fsc 5mars2014
Foredrag fsc 5mars2014Foredrag fsc 5mars2014
Foredrag fsc 5mars2014
 
Life's a glitch
Life's a glitchLife's a glitch
Life's a glitch
 
Social Media in Nordea Group
Social Media in Nordea GroupSocial Media in Nordea Group
Social Media in Nordea Group
 
Why distributed ledgers
Why distributed ledgersWhy distributed ledgers
Why distributed ledgers
 
Joachim von Haenisch, CEO of KYC-Exchange
Joachim von Haenisch, CEO of KYC-ExchangeJoachim von Haenisch, CEO of KYC-Exchange
Joachim von Haenisch, CEO of KYC-Exchange
 
Digital bank latest - october
Digital bank latest - octoberDigital bank latest - october
Digital bank latest - october
 
Presentation from BKM, Turkey
Presentation from BKM, TurkeyPresentation from BKM, Turkey
Presentation from BKM, Turkey
 
Innovación Digital, Fintech, Bitcoin y Blockchain
Innovación Digital, Fintech, Bitcoin y Blockchain Innovación Digital, Fintech, Bitcoin y Blockchain
Innovación Digital, Fintech, Bitcoin y Blockchain
 
State of the blockchain markets, july 2016
State of the blockchain markets, july 2016State of the blockchain markets, july 2016
State of the blockchain markets, july 2016
 
Startup turkey
Startup turkeyStartup turkey
Startup turkey
 
Presentación sobre Bitcoin
Presentación sobre BitcoinPresentación sobre Bitcoin
Presentación sobre Bitcoin
 
Digital Bank, May 2014
Digital Bank, May 2014Digital Bank, May 2014
Digital Bank, May 2014
 

Similar to Are banks ready for the cloud?

Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
AchSulav
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
AchSulav
 
Indonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isvIndonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isv
Pandu W Sastrowardoyo
 
Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challenge
xKinAnx
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computing
Hossam Zein
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Kresimir Popovic
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
CompTIA UK
 
ISACA Cloud Computing Risks
ISACA Cloud Computing RisksISACA Cloud Computing Risks
ISACA Cloud Computing Risks
Marc Vael
 
ERP Implementation Services UK
ERP Implementation Services UKERP Implementation Services UK
ERP Implementation Services UK
Arcus Universe Ltd
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
Ashish Patel
 
David valovcin big data - big risk
David valovcin big data - big riskDavid valovcin big data - big risk
David valovcin big data - big risk
IBM Sverige
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
Ciente
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the Cloud
RapidScale
 
Tech equity - Cloud presentation
Tech equity - Cloud presentationTech equity - Cloud presentation
Tech equity - Cloud presentation
Adrian Hall
 
Cloud capability for startups
Cloud capability for startupsCloud capability for startups
Cloud capability for startups
Cloud and analytics Lab
 
Cloud computing
Cloud computingCloud computing
Cloud computingHira Zahan
 
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
Real-Time Innovations (RTI)
 
Cloud computings
Cloud computingsCloud computings
Cloud computings
Gopal Jogdand
 
ICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference Publication
Tejaswi Agarwal
 

Similar to Are banks ready for the cloud? (20)

Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Indonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isvIndonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isv
 
Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challenge
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computing
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
 
ISACA Cloud Computing Risks
ISACA Cloud Computing RisksISACA Cloud Computing Risks
ISACA Cloud Computing Risks
 
ERP Implementation Services UK
ERP Implementation Services UKERP Implementation Services UK
ERP Implementation Services UK
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 
David valovcin big data - big risk
David valovcin big data - big riskDavid valovcin big data - big risk
David valovcin big data - big risk
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the Cloud
 
Tech equity - Cloud presentation
Tech equity - Cloud presentationTech equity - Cloud presentation
Tech equity - Cloud presentation
 
Cloud capability for startups
Cloud capability for startupsCloud capability for startups
Cloud capability for startups
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Features of cloud
Features of cloudFeatures of cloud
Features of cloud
 
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
Precise, Predictive, and Connected: DDS and OPC UA – Real-Time Connectivity A...
 
Cloud computings
Cloud computingsCloud computings
Cloud computings
 
ICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference Publication
 

More from Chris Skinner

How to refresh to be fit for the future world
How to refresh to be fit for the future worldHow to refresh to be fit for the future world
How to refresh to be fit for the future world
Chris Skinner
 
20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf
Chris Skinner
 
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
Chris Skinner
 
WEF_Navigating_the_Industrial_Metaverse_A_Blueprint_2024.pdf
WEF_Navigating_the_Industrial_Metaverse_A_Blueprint_2024.pdfWEF_Navigating_the_Industrial_Metaverse_A_Blueprint_2024.pdf
WEF_Navigating_the_Industrial_Metaverse_A_Blueprint_2024.pdf
Chris Skinner
 
Temenos_Global_Report_Final_Sep22.pdf
Temenos_Global_Report_Final_Sep22.pdfTemenos_Global_Report_Final_Sep22.pdf
Temenos_Global_Report_Final_Sep22.pdf
Chris Skinner
 
the-second-wave-resilient-inclusive-exponential-fintechs.pdf
the-second-wave-resilient-inclusive-exponential-fintechs.pdfthe-second-wave-resilient-inclusive-exponential-fintechs.pdf
the-second-wave-resilient-inclusive-exponential-fintechs.pdf
Chris Skinner
 
Evident_AI_Innovation_Report_.pdf
Evident_AI_Innovation_Report_.pdfEvident_AI_Innovation_Report_.pdf
Evident_AI_Innovation_Report_.pdf
Chris Skinner
 
global-pulse-of-fintech-h123-report-web (1).pdf
global-pulse-of-fintech-h123-report-web (1).pdfglobal-pulse-of-fintech-h123-report-web (1).pdf
global-pulse-of-fintech-h123-report-web (1).pdf
Chris Skinner
 
roland_berger_trend_compendium_2050_compact_version.pdf
roland_berger_trend_compendium_2050_compact_version.pdfroland_berger_trend_compendium_2050_compact_version.pdf
roland_berger_trend_compendium_2050_compact_version.pdf
Chris Skinner
 
S&P on DeFi
S&P on DeFiS&P on DeFi
S&P on DeFi
Chris Skinner
 
US core banking share
US core banking shareUS core banking share
US core banking share
Chris Skinner
 
DIFC Summit, May 2023.pptx
DIFC Summit, May 2023.pptxDIFC Summit, May 2023.pptx
DIFC Summit, May 2023.pptx
Chris Skinner
 
JPMorgan_Chase_Presentation.pdf
JPMorgan_Chase_Presentation.pdfJPMorgan_Chase_Presentation.pdf
JPMorgan_Chase_Presentation.pdf
Chris Skinner
 
Finacle-Innovation-in-Retail-Banking-2023-Report.pdf
Finacle-Innovation-in-Retail-Banking-2023-Report.pdfFinacle-Innovation-in-Retail-Banking-2023-Report.pdf
Finacle-Innovation-in-Retail-Banking-2023-Report.pdf
Chris Skinner
 
European Union survey of digital banking progress
European Union survey of digital banking progressEuropean Union survey of digital banking progress
European Union survey of digital banking progress
Chris Skinner
 
Climate Impact Report
Climate Impact ReportClimate Impact Report
Climate Impact Report
Chris Skinner
 
FT Partners Research - FinTech in Africa.pdf
FT Partners Research - FinTech in Africa.pdfFT Partners Research - FinTech in Africa.pdf
FT Partners Research - FinTech in Africa.pdf
Chris Skinner
 
Accenture-Banking-Top-10-Trends-2023.pdf
Accenture-Banking-Top-10-Trends-2023.pdfAccenture-Banking-Top-10-Trends-2023.pdf
Accenture-Banking-Top-10-Trends-2023.pdf
Chris Skinner
 
Global Cryptasset Standards
Global Cryptasset StandardsGlobal Cryptasset Standards
Global Cryptasset Standards
Chris Skinner
 
European Banks Outlook 2023_09.12.22.pdf
European Banks Outlook 2023_09.12.22.pdfEuropean Banks Outlook 2023_09.12.22.pdf
European Banks Outlook 2023_09.12.22.pdf
Chris Skinner
 

More from Chris Skinner (20)

How to refresh to be fit for the future world
How to refresh to be fit for the future worldHow to refresh to be fit for the future world
How to refresh to be fit for the future world
 
20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf
 
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
20220816-EthicsGrade_Scorecard-JP_Morgan_Chase-Q2-63_57.pdf
 
WEF_Navigating_the_Industrial_Metaverse_A_Blueprint_2024.pdf
WEF_Navigating_the_Industrial_Metaverse_A_Blueprint_2024.pdfWEF_Navigating_the_Industrial_Metaverse_A_Blueprint_2024.pdf
WEF_Navigating_the_Industrial_Metaverse_A_Blueprint_2024.pdf
 
Temenos_Global_Report_Final_Sep22.pdf
Temenos_Global_Report_Final_Sep22.pdfTemenos_Global_Report_Final_Sep22.pdf
Temenos_Global_Report_Final_Sep22.pdf
 
the-second-wave-resilient-inclusive-exponential-fintechs.pdf
the-second-wave-resilient-inclusive-exponential-fintechs.pdfthe-second-wave-resilient-inclusive-exponential-fintechs.pdf
the-second-wave-resilient-inclusive-exponential-fintechs.pdf
 
Evident_AI_Innovation_Report_.pdf
Evident_AI_Innovation_Report_.pdfEvident_AI_Innovation_Report_.pdf
Evident_AI_Innovation_Report_.pdf
 
global-pulse-of-fintech-h123-report-web (1).pdf
global-pulse-of-fintech-h123-report-web (1).pdfglobal-pulse-of-fintech-h123-report-web (1).pdf
global-pulse-of-fintech-h123-report-web (1).pdf
 
roland_berger_trend_compendium_2050_compact_version.pdf
roland_berger_trend_compendium_2050_compact_version.pdfroland_berger_trend_compendium_2050_compact_version.pdf
roland_berger_trend_compendium_2050_compact_version.pdf
 
S&P on DeFi
S&P on DeFiS&P on DeFi
S&P on DeFi
 
US core banking share
US core banking shareUS core banking share
US core banking share
 
DIFC Summit, May 2023.pptx
DIFC Summit, May 2023.pptxDIFC Summit, May 2023.pptx
DIFC Summit, May 2023.pptx
 
JPMorgan_Chase_Presentation.pdf
JPMorgan_Chase_Presentation.pdfJPMorgan_Chase_Presentation.pdf
JPMorgan_Chase_Presentation.pdf
 
Finacle-Innovation-in-Retail-Banking-2023-Report.pdf
Finacle-Innovation-in-Retail-Banking-2023-Report.pdfFinacle-Innovation-in-Retail-Banking-2023-Report.pdf
Finacle-Innovation-in-Retail-Banking-2023-Report.pdf
 
European Union survey of digital banking progress
European Union survey of digital banking progressEuropean Union survey of digital banking progress
European Union survey of digital banking progress
 
Climate Impact Report
Climate Impact ReportClimate Impact Report
Climate Impact Report
 
FT Partners Research - FinTech in Africa.pdf
FT Partners Research - FinTech in Africa.pdfFT Partners Research - FinTech in Africa.pdf
FT Partners Research - FinTech in Africa.pdf
 
Accenture-Banking-Top-10-Trends-2023.pdf
Accenture-Banking-Top-10-Trends-2023.pdfAccenture-Banking-Top-10-Trends-2023.pdf
Accenture-Banking-Top-10-Trends-2023.pdf
 
Global Cryptasset Standards
Global Cryptasset StandardsGlobal Cryptasset Standards
Global Cryptasset Standards
 
European Banks Outlook 2023_09.12.22.pdf
European Banks Outlook 2023_09.12.22.pdfEuropean Banks Outlook 2023_09.12.22.pdf
European Banks Outlook 2023_09.12.22.pdf
 

Recently uploaded

5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer
ofm712785
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
Adam Smith
 
Project File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdfProject File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdf
RajPriye
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
creerey
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
sarahvanessa51503
 
Set off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptxSet off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptx
HARSHITHV26
 
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
BBPMedia1
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Lviv Startup Club
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
Cynthia Clay
 
amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05
marketing317746
 
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdfSearch Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Arihant Webtech Pvt. Ltd
 
Business Valuation Principles for Entrepreneurs
Business Valuation Principles for EntrepreneursBusiness Valuation Principles for Entrepreneurs
Business Valuation Principles for Entrepreneurs
Ben Wann
 
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.docBài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc
daothibichhang1
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
LR1709MUSIC
 
Authentically Social Presented by Corey Perlman
Authentically Social Presented by Corey PerlmanAuthentically Social Presented by Corey Perlman
Authentically Social Presented by Corey Perlman
Corey Perlman, Social Media Speaker and Consultant
 
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Lviv Startup Club
 
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdfMeas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
dylandmeas
 
Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...
Lviv Startup Club
 
Creative Web Design Company in Singapore
Creative Web Design Company in SingaporeCreative Web Design Company in Singapore
Creative Web Design Company in Singapore
techboxsqauremedia
 
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
BBPMedia1
 

Recently uploaded (20)

5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
 
Project File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdfProject File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdf
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
 
Set off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptxSet off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptx
 
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05
 
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdfSearch Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
 
Business Valuation Principles for Entrepreneurs
Business Valuation Principles for EntrepreneursBusiness Valuation Principles for Entrepreneurs
Business Valuation Principles for Entrepreneurs
 
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.docBài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
 
Authentically Social Presented by Corey Perlman
Authentically Social Presented by Corey PerlmanAuthentically Social Presented by Corey Perlman
Authentically Social Presented by Corey Perlman
 
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
 
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdfMeas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
 
Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...
 
Creative Web Design Company in Singapore
Creative Web Design Company in SingaporeCreative Web Design Company in Singapore
Creative Web Design Company in Singapore
 
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
 

Are banks ready for the cloud?

  • 1. Are Banks ready for the Cloud? Paul Hinton PAUL.HINTON@KEMPLITTLE.COM +44 (0)20 7710 1623
  • 2. Prediction is very difficult, especially about the future…” services Mid ‘60s to early ‘80s: IBM heyday ‘80s: rise of the PC ‘90s to mid-00’s: Wintel heyday Mid ‘00s onwards: Google heyday Utility Computing The rise of service based computing Cloud Computing SaaS ASP adoption internet Outsourcing ITO LPO, etc 2000s onwards: broadband replaces dial up internet 1995: Netscape IPO ; Bill Gates’ ‘Internet tidal wave’ memo software hardware BPO 1969: the software industry is born as IBM unbundles hardware & software 1940s: Adoption of programmable computer 1940s 1957: IBM introduces FORTRAN programming language 1950s 2001: .com bust 1981: Microsoft develops MS-DOS 1970: UNIX released by AT&T 1964: IBM introduces System 360 computer family 1960s 2004: Google, salesforce.com IPOs; ‘web 2.0’ coined 1971: Intel 4004 – the first microprocessor developed 1970s 1990: 1985: Microsoft open 1993: launches source Linux Windows 3.0 FSF set up 1981: IBM ‘90s: rise of launches PC laptops 1980s mid ‘00s onwards: open source (OSS) in the mainstream ‘00s: rise of PDAs 1984: Apple Mac launched 1990s 2000s 2008: Google Chrome, Microsoft Windows ‘in the Cloud’ (Azure) launched 2007: IPO of hypervisor developer VMware ‘anytime anywhere’ devices 2010s Smartphones iPad, etc
  • 3. Types of Cloud Custom Private Cloud Private Cloud Community Private Cloud User Z Virtual Private Cloud Provider X Managed Company B Company A Company A Company A Company A Company B Open Public Company A Closed Private Public Cloud Owner Company Provider Provider Provider Operator Company Provider Provider Provider Provider Service Access Closed Closed Closed Limited group Open Level of Control Full High High Low None Security/Location As selected by Company As selected by Company As selected by Company As described by Provider As described by Provider Legal Terms _3 Company Bespoke Bespoke Negotiable but clear impact on price changes Limited outside of standard agreed terms Standard terms only – non-negotiable
  • 4. Cost savings of Public v Private Cloud _4
  • 5. Company A Custom Private Cloud _5 Managed Private Cloud Provider X Provider X Trading , Customer, sensitive , regulated, valuable time- critical data Lower value, unregulated, not time critical data Company A Virtual Private Cloud Community Private Cloud User Z User Z What are you using the cloud for? Public Cloud
  • 6. SYSC Rule 8 Material Outsourcing PRA/FCA Control  (2) establish methods for assessing the standard of performance of the service provider;  (3) supervise and adequately manage the risks associated with the outsourcing;  (5) the firm must retain the expertise to supervise the outsourced functions and to manage the risks associated with the outsourcing ,and must supervise those functions and manage those risks;  (7) the firm must be able to terminate the arrangement for the outsourcing where necessary without detriment to the continuity and quality of its provision of services to clients;  (8) the service provider must co-operate with the relevant competent authority in connection with the outsourced activities;  (9) the firm, its auditors, the relevant competent authority must have effective access to data related to the outsourced activities, as well as to the business premises of the service provider; and must be able to exercise those rights of access;  (10) the service provider must protect any confidential information relating to the firm and its clients;  (11) the firm and the service provider must establish, implement and maintain a contingency plan for disaster recovery and periodic testing of backup facilities where that is necessary having regard to the function, service or activity that has been outsourced. _6
  • 7. Cloud Risks  Potential loss of control –retain sufficient control over critical data and services  Availability and access to Data – what if the internet is down? Normally a customer risk  Data Security - Adequate security measures in place and can you monitor them?  Data location – Data Protection – tougher regulation 2015 – Keeping track of exact location of Data – Customer consent?  Global law, tax and regulation  Auditing – Both rights for customer and Regulator – Distinction between effective access to data and premises?  Exit - Can you and if so how quickly/safely to ensure certainty of service and data transfer _7
  • 8. FS Enabled Cloud: Cloud management standards vApp vCloud Nimbus _8 Open Cloud Standards Incubator OVF
  • 9. FS Enabled Cloud  Increasing awareness and sophistication of banks in utilising cloud  Software tools to increase control over data and security of data in cloud  Cloud providers offering: –Services –higher levels of control: security, audit, geographic control and availability designed to meet bank requirements _9
  • 10. Transitioning to the Cloud JIM ODELL JIM.ODELL@KEMPLITTLE.COM +44 (0)20 7710 1607
  • 11. Mastering a hybrid IT environment High performance companies are adopting mixed cloud and traditional IT systems much more quickly than their lower performing competitors Accenture survey “High Performance IT Research November 2013” _11
  • 12. Transitioning to and from the cloud Just another form of outsourcing? Outsourcing procurement rule number one : Never outsource unresolved problems Cloud is just another outsourced managed service: - In a private cloud or managed service, - the infrastructure may be shared, and the resources can live anywhere, but process and storage resources are dedicated to your needs. - In a public cloud structure - you don't really know where your services are, or who is managing it. You buy access to resource or an application, normally on a pay as you use basis.. _12
  • 13. Transitioning to and from the cloud  Standards - Make sure that you understand the data protection, ETSI, TOSCA and other standards that you need to consider.  Intellectual Property - Cloud services also have unique third party IP, audit and data usage issues which may well require re-evaluation of existing software agreements _13
  • 14. Transitioning to and from the cloud Rule number two: Retain the ability to manage your supplier and your resources Supplier Management Issues:  Make sure your IT team have a strong grasp of the supplier and his support organisation  Ensure the users and their leadership enjoy the same service levels delivered by in house applications or resources  Ensure your supplier understands the security, data access and portability, IP, risk and regulatory issues that are specific to you 14
  • 15. Transitioning to and from the cloud Rule number three: Review and manage your data before transitioning to cloud  Big Data –keep what’s needed, delete the rest  Big Data Storage is low cost, but big data can mean big storage bills.  Retain control over data in cloud to ensure not storing unnecessary things for ever (Cost + DP compliance + risk!) – Data Categories - Some data can go in public cloud - Some can only go into private cloud - Some can never leave the building _15
  • 16. Transitioning to and from the cloud Rule Number four: For good or bad, plan for exit: Post negotiation, make sure that you have a detailed transition support plan. Identify and address key risks around porting of services to your supplier And  Monitor your suppliers’ ability to meet clear exit arrangements should this be needed and make sure that you exercise that plan on a regular basis. Make sure that your IT and user departments (and their leadership) understand the implications of change _16
  • 17. Mastering a hybrid IT environment High performance companies are adopting mixed cloud and traditional IT systems much more quickly than their lower performing competitors Accenture survey “High Performance IT Research November 2013” _17

Editor's Notes

  1. Cost savings of Public v Private Cloud
  2. SYSC 8.1.8 06/05/2009 A common platform firm must in particular take the necessary steps to ensure that the following conditions are satisfied: (1)  the service provider must have the ability, capacity, and any authorisation required by law to perform the outsourced functions, services or activities reliably and professionally; (2)  the service provider must carry out the outsourced services effectively, and to this end the firm must establish methods for assessing the standard of performance of the service provider; (3)  the service provider must properly supervise the carrying out of the outsourced functions, and adequately manage the risks associated with the outsourcing; (4)  appropriate action must be taken if it appears that the service provider may not be carrying out the functions effectively and in compliance with applicable laws and regulatory requirements; (5)  the firm must retain the necessary expertise to supervise the outsourced functions effectively and to5 manage the risks associated with the outsourcing ,55and must supervise those functions and manage those risks; (6)  the service provider must disclose to the firm any development that may have a material impact on its ability to carry out the outsourced functions effectively and in compliance with applicable laws and regulatory requirements; (7)  the firm must be able to terminate the arrangement for the outsourcing where necessary without detriment to the continuity and quality of its provision of services to clients; (8)  the service provider must co-operate with the FSA and any other relevant competent authority in connection with the outsourced activities; (9)  the firm, its auditors, the FSA and any other relevant competent authority must have effective access to data related to the outsourced activities, as well as to the business premises of the service provider; and the FSA and any other relevant competent authority must be able to exercise those rights of access; (10)  the service provider must protect any confidential information relating to the firm and its clients; (11)  the firm and the service provider must establish, implement and maintain a contingency plan for disaster recovery and periodic testing of backup facilities where that is necessary having regard to the function, service or activity that has been outsourced. [Note: article 14(2) second paragraph of the MiFID implementing Directive]
  3. EU Strategy: The Commission decided on 27th Sept that they wanted to “Unleash the potential of cloud computing in Europe”. EU justice commissioner Viviane Reding said: "Europe needs to think big. The cloud strategy will enhance trust in innovative computing solutions and boost a competitive digital single market where Europeans feel safe. That means a swift adoption of the new data protection framework, which the EC proposed earlier this year, and the development of safe and fair contract terms and conditions.". The chat about model contract terms in the strategy paper being particularly interesting…. Plans for commission to develop these model terms by end of 2013.However: any model terms would have to interact with proposed Regulation on Common European Sales Law (which it seems every member state opposes) which deals with:“data which are produced and supplied in digital form, whether or not according to the buyer's specifications, including video, audio, picture or written digital content, digital games, software and digital content which makes it possible to personalise existing hardware or software” (digital content) which can be stored, processed or accessed, and re-used by the user but excludes “electronic communications services and networks, and associated facilities and services” as well as ”the creation of new digital content and the amendment of existing digital content”.Industry may develop competing set of terms to increase their input
  4. SYSC 8.1.8 06/05/2009 A common platform firm must in particular take the necessary steps to ensure that the following conditions are satisfied: (1)  the service provider must have the ability, capacity, and any authorisation required by law to perform the outsourced functions, services or activities reliably and professionally; (2)  the service provider must carry out the outsourced services effectively, and to this end the firm must establish methods for assessing the standard of performance of the service provider; (3)  the service provider must properly supervise the carrying out of the outsourced functions, and adequately manage the risks associated with the outsourcing; (4)  appropriate action must be taken if it appears that the service provider may not be carrying out the functions effectively and in compliance with applicable laws and regulatory requirements; (5)  the firm must retain the necessary expertise to supervise the outsourced functions effectively and to5 manage the risks associated with the outsourcing ,55and must supervise those functions and manage those risks; (6)  the service provider must disclose to the firm any development that may have a material impact on its ability to carry out the outsourced functions effectively and in compliance with applicable laws and regulatory requirements; (7)  the firm must be able to terminate the arrangement for the outsourcing where necessary without detriment to the continuity and quality of its provision of services to clients; (8)  the service provider must co-operate with the FSA and any other relevant competent authority in connection with the outsourced activities; (9)  the firm, its auditors, the FSA and any other relevant competent authority must have effective access to data related to the outsourced activities, as well as to the business premises of the service provider; and the FSA and any other relevant competent authority must be able to exercise those rights of access; (10)  the service provider must protect any confidential information relating to the firm and its clients; (11)  the firm and the service provider must establish, implement and maintain a contingency plan for disaster recovery and periodic testing of backup facilities where that is necessary having regard to the function, service or activity that has been outsourced. [Note: article 14(2) second paragraph of the MiFID implementing Directive] SYSC 8.1.8 06/05/2009 A common platform firm must in particular take the necessary steps to ensure that the following conditions are satisfied: (1)  the service provider must have the ability, capacity, and any authorisation required by law to perform the outsourced functions, services or activities reliably and professionally; (2)  the service provider must carry out the outsourced services effectively, and to this end the firm must establish methods for assessing the standard of performance of the service provider; (3)  the service provider must properly supervise the carrying out of the outsourced functions, and adequately manage the risks associated with the outsourcing; (4)  appropriate action must be taken if it appears that the service provider may not be carrying out the functions effectively and in compliance with applicable laws and regulatory requirements; (5)  the firm must retain the necessary expertise to supervise the outsourced functions effectively and to5 manage the risks associated with the outsourcing ,55and must supervise those functions and manage those risks; (6)  the service provider must disclose to the firm any development that may have a material impact on its ability to carry out the outsourced functions effectively and in compliance with applicable laws and regulatory requirements; (7)  the firm must be able to terminate the arrangement for the outsourcing where necessary without detriment to the continuity and quality of its provision of services to clients; (8)  the service provider must co-operate with the FSA and any other relevant competent authority in connection with the outsourced activities; (9)  the firm, its auditors, the FSA and any other relevant competent authority must have effective access to data related to the outsourced activities, as well as to the business premises of the service provider; and the FSA and any other relevant competent authority must be able to exercise those rights of access; (10)  the service provider must protect any confidential information relating to the firm and its clients; (11)  the firm and the service provider must establish, implement and maintain a contingency plan for disaster recovery and periodic testing of backup facilities where that is necessary having regard to the function, service or activity that has been outsourced. [Note: article 14(2) second paragraph of the MiFID implementing Directive]