Two of Australia’s big four banks have adopted AWS as their public cloud infrastructure provider. Another Australian financial services company has migrated its entire IT infrastructure to AWS.
AWS has enabled one of the four big banks improve its IT infrastructure agility and take big steps towards its goal of zero downtime using a number of open-source tools including “Bees with Guns” and “Chaos Monkey”. The former is a utility to stress test their web applications in their development environments with a “hive of bees” (a number of micro EC2 instances) while the latter will test the resiliency of the infrastructure by randomly killing instances and/or services within the production environment. This not only gave them a resilient IT infrastructure but also a resilient workforce who were no longer called in the middle of the night to resolve a troublesome production server.
Another of Australia’s big 4 banks has been one of the earliest adopters of AWS and reduced its IT budget spend on infrastructure from 75% to 26%. It has also reduced the time taken to procure a new server from a few weeks and $10,000 to 90 minutes and $150 using AWS. They have moved their webservers that receive 5 million hits per week to AWS achieving 10x cost savings in the process whilst also offsetting a big portion of their web traffic to AWS datacentres. Migration of test and development environments along with a few traditional applications to AWS eventually saved them tens of millions of dollars. In this case AWS has saved them a huge amount of capex and increased the agility of their IT infrastructure, it has also given their IT workforce the ability to focus on more strategic initiatives and providing more services their customers want.
As part of an 18-month plan, starting in mid-2013, to move 2000 applications to AWS, an Australian financial services company undertook a pilot program to test “security, scalability and resilience” which saw a 45% performance improvement. The scale of the plan has meant that AWS adjusted its pricing strategy (e.g. discounts for locking in a instance for longer periods of time and spot pricing (where available capacity can be bid on to run less critical jobs)) to be able win this particular customer. This shows how committed AWS is to getting traction in the financial services space. The elimination of IT infrastructure capex and the superior security and scalability that AWS could provide were the big factors in this company’s decision to move to AWS.
While there are certainly some big improvements to be had, there are some important points that companies must consider when making the move to AWS.
One of the biggest changes in moving is setting different expectations. Companies should expect failure and therefore build resiliency and visibility into their applications and infrastructure. Roll back around 5-10 years ago and although a single server outage may not as be as catastrophic with the advent of virtualisation and more mature high-availability solutions, it was still a highly-critical event that had to be attended to ASAP. In a properly set up cloud computing solution, a single server failure is nothing more than an information event that can be looked at in the morning.
Cloud computing has also brought upon a different mindset in regards to sick servers. Previously this could have meant hours, days or weeks of troubleshooting, patching and testing with no guarantee of resolution. Now using an IT automation tool with AWS this can be easily re-provisioned in minutes without any human intervention and without the client being aware of any downtime. As one IT solutions provider using AWS at the summit proclaimed “Treat infrastructure as cattle, not pets” (i.e. replace sick servers, don’t try to heal them).
Companies must also be wary of support models for any 3rd-party vendor apps that are migrated to the cloud as they may not fully support cloud computing which may leave them out in the cold if any issues arise. As always, this can be minimised in test and development environments but it is still a major point to review carefully.
Expectations must also be set in regards to development staff as some will be more willing than others to take on the DevOps role (where the roles of developer and operations are somewhat combined). Companies must also be prepared to provide training to appropriate staff as they may not have the required skillset to take on these extra responsibilities. Once companies have the support of their development staff, they become empowered and more agile as they can provision their own test environments with a single mouse click, deploy multiple releases in a week and deploy to production in a few minutes – all within normal business hours.
Although there are many success stories of AWS migrations there are still some concerns that still need to be addressed.
Although one of the big 4 banks in Australia has spent over AUD$1bn over the last 5 years moving their IT operations model to the cloud, customer data is still kept in-house in their own datacentre. Therefore it is imperative that the design of applications and data is well thought-out in regards to application performance and security. Times have definitely changed though and in contrast to this, an analyst at Gartner has warned not to make the assumption that data kept in-house is always more secure. The bigger cloud providers are now well-practised and “match-fit” in regards to security and in many instances more adept at securing themselves (and 3rd-party data) than ever before. As always, it is imperative that companies practise due diligence when selecting the most appropriate cloud provider for their requirements as some (Australian-based cloud providers) may be subject to different laws and regulations as others (US-based cloud providers).
One of the big apprehensions with cloud computing thus far (and rightly so) is in the security of customer’s private data. Keeping private data safe and secure is critical in keeping the confidence and trust of the customer.
In response to customers concerns with data security in the cloud, last year AWS announced CloudHSM, a service offering that uses dedicated Hardware Security Module (HSM) appliances for the encryption and decryption of data subject to rigorous contractual or regulatory requirements without sacrificing application performance.
Another point to consider; not really a fault of cloud computing but more of a product of the increasing popularity of it is licensing model ambiguity. As such companies will need to review the licensing models for any 3rd-party apps that may be migrated to AWS, especially any which will be used with Auto Scaling as a lot of licensing models use a per-CPU or per-node charging model.
It is clear that moving to the cloud is becoming a major trend as the traditional barriers for the move are becoming less and less critical. By 2015, according to a Gartner customer survey 70% of companies would be pursuing a cloud strategy and 2016 would see the bulk of new IT investment to be invested in the cloud. As AWS allows IT operation staff to make moves to treat infrastructure as code, to remove people from the process and hide the technical complexity it won’t be long until more and more companies in the financial services industry move to the cloud. And as this industry has very stringent security needs and heavy regulatory requirements, it won’t be long until more and more industries make the move to cloud computing not just for their server processing needs but for their entire IT stack.