How Can the Cloud be Useful for FinTech Solutions?
Cloud-based solution architecture makes it possible to work in a mobile environment anywhere in the world. This is crucial today, when an increasing number of qualified professionals prefer to work remotely and expect the access needed to do so. Cloud architecture enables companies to meet these demands by organizing distributed teams.
One of the crucial advantages of a distributed cloud architecture is conveyed in this quote from Ryan Brucker, CTO at Portfolio Pathway, a wealth management automation solution:
“A distributed methodology allows systems to scale horizontally as its clients grow.” –Ryan Brucker
But basic concerns come into the picture, too. Ensuring security, moving clients to the renovated solution, and choosing the right technology are the grey zones of cloud architectures.
According to Mark Worsey, EVP at MyVest, the biggest challenge for his company nowadays is making customers comfortable with legacy platform replacement as they future-proof their technology and business. When it comes to technology, MyVest’s biggest challenge is getting clients comfortable with deploying the application in their production instances in the cloud.
“Sometimes, there is an emotional or irrational security fear of running a financial application in the cloud.” –Mark Worsey
Likewise, Worsey thinks that running everything in the cloud is a huge advantage because it enables horizontal scaling in real time, making the deployment process much easier and more cost-effective than capital-intensive methods of building data centers and acquiring hardware.
In this article, we strive to help you find the answers to such questions as:
- Do you or don’t you need a cloud?
- How do FinTech companies arrange cloud-based projects?
- How do you make cloud solutions secure and compliant with regulations?
- And more! Check out a bonus at the end of the article.
Why migrate to the cloud?
An increasing number of companies are considering using the cloud or changing their cloud app platform. Vadym Shvydkyi, Project Manager at INSART, a FinTech engineering company, says that all the projects they run use cloud services one way or another.
“Partnerships often dictate which cloud storages to choose. At one of our projects, CabinetSafe was used until the next following integration. The partner set a range of requirements, which included using two-factor authentication and a higher level of encrypting, so we had to move from CabinetSafe to box.com.” –Vadym Shvydkyi
At the moment, Vadym says, AWS S3 is the most desirable choice for most clients because its outstanding security complies with most standards that exist in the market.
Sergey Matikainen, CTO at INSART, explains that using the cloud enables choosing optimum platforms for specific needs. Moreover, projects with microservices architecture can employ the cloud only with the services that require it and choose different platforms for different services to match the task best. Thus, a balance between price, flexibility, and performance can be achieved.
“We had migrated from Heroku to Amazon at one of the projects. The client’s company growth induced Heroku to become inefficient, as with high loads it proved to be less flexible and more expensive.” –Sergey Matikainen
Cloud solution done right
As we discussed in previous publications, many startups prefer using cloud technologies such as AWS instead of building their own data centers, which tend to be more complicated and subject to tough regulations and security standards. Also, many startups think that AWS can provide safer data storage than traditional methods can and implement the most modern and exclusive security standards. Many startups use it collectively so that they can afford much more advanced security technologies than they could alone.
Matthew Rennie, a CTO at Jemstep, an integrated digital platform that enhances advisor engagement with clients, uses Amazon AWS for cloud solutions. Rennie explains that Jemstep runs on the public cloud, deploying exclusively to Amazon AWS for the elasticity benefits and convenience that the Amazon platform provides.
For their technology stack, they chose Scala, whose advantage is the Scala API for Amazon Spark. Jemstep uses Spark for analytics and ETL because it makes it easy to integrate solutions with custodians and market data providers. Each individual Spark job runs on Amazon’s data pipelines, which then run on a batch basis within Amazon EMR. This combination of technologies provides for Jemstep’s stable growth within a distributed development framework.
How to ensure cloud security
There are some obvious but sometimes overlooked elements a FinTech product needs to have to ensure security. One of those elements is compliance requirements. Why is it crucial? Let’s discuss Laserfiche as an example.
Laserfiche, an enterprise content-management and business-process automation platform, is the only business in the wealth-management space that has a records-management module that can be used in compliance with the Department of Defense standard DoD 5015.2 for the long-term archiving and retention of digital records, according to Greg Eisenberg, CTO. This level of compliance is the international gold standard in protecting the integrity and security of digital records. According to Eisenberg, Laserfiche’s on-premises product can also be used in compliance with SEC Rule 17a-4.
Eisenberg says that it is a two-way street when it comes to on-premises security implementation. The Laserfiche platform contains all the tools and functionalities to secure data, but it’s up to the customer to make sure these controls are in place.
“We’ve also created a lot of documentation and [have been] working with our solution providers to train them on best practices, and there’s a phenomenal community of solution providers who use our answers platform to ask good questions and get answers on how to do certain things.” –Greg Eisenberg
Since moving to the cloud, Laserfiche has gained a SOC 2 compliance certification, which ensures that they follow strict information-security policies and procedures. This ensures the security, availability, processing integrity, and confidentiality of customer data. Laserfiche also uses a third-party security firm to analyze their code base, identify potential vulnerabilities, and perform penetration testing on the Laserfiche cloud.
Eisenberg says that Laserfiche applies the same security measures to their on-premises offerings. These run on Windows Server and were written in multiple languages, from C++ to C#. Eisenberg explained that they need to identify the smartest technology to handle problems the best they can.
“[Although] there is a shift toward cloud technologies including running C# and .Net code on both Windows and Linux, our client applications will run on Mac OS and Android and Windows machines just the same.” –Greg Eisenberg
When is cloud not an option?
There are some occasions when you just can’t afford to use the cloud, no matter how many security measures you put in place. The market is diversified. The next example illustrates what makes some FinTechs give up on the cloud.
Evolute, an end-to-end digital wealth-management tool for banks and independent asset managers, operates its own data center located in Switzerland. A large part of their clientele is high-net-worth individuals (HNWIs). Evolute’s CTO, Martin Polasek, says it was a significant investment to build a local data center, but it was necessary; many HNWIs aren’t ready to store data in the cloud even though it would be a more cost-effective approach.
Evolute implemented clear segregation of data levels (e.g., the developers don’t access the production environment with real client data). Evolute’s production environment comprises various security levels—from authorization to authentication, Polasek says. In addition, Evolute has internal firewalls that segregate the database from the application servers and so on.
That said, Evolute has yet to encrypt client data; from a security perspective, this is one aspect that is still a work in progress. Such a security measure is hard to implement, especially when running reporting applications and aiming to get most of their data from custodians. This is something Evolute’s architecture plans to deliver in the long run.