Video Transcript
Rokture Ramblings – Episode 8 – Trust the Cloud
Hello everyone and welcome to Rokture Ramblings where I discuss topics around digital marketing,
marketing technology, and marketing operations for the financial services industry. My
name is Fernando Pena and I’m the founder of Rokture where I help you master the digital channel.
And today’s topic is one that causes a lot of concern within financial services, and it has to
do with that unknown entity known as the cloud. And the question that I get asked is, can the cloud
be trusted with your data? And so we’ll be going over these topics here, life before clouds,
what is the cloud, benefits and risks, how to protect your data and reputation, and then using
the cloud to your benefit. So let’s go ahead and get started. So life before clouds, and I’m going
to age myself here a little bit but I remember this because this is back when client server architecture
ruled the world. And so what this meant is that technology deployments were very expensive,
very resource intensive, and also they
00:00:57 Speaker 2
required a lengthy timeline. And so for that reason, a lot of this technology that we’re seeing
today was actually out of reach for smaller financial institutions, just because of the sheer
cost of it. Dedicated resources were needed to maintain and support technology, and then disaster
recovery and redundancy were very challenging. And so as a result of that, you had a lot of sort
of servers being placed in different locations and a lot of costs and expense along with that,
just to be able to support and maintain what is considered to be the standard way of doing business
these days. So life before clouds wasn’t all sunshine, wasn’t all awful, but it did require
a lot more sort of maintenance and a lot more resources in order to do a lot of the things that we’re
expected to do today. So now what is the cloud? And really the cloud is going back to what I had
just discussed around client server. It’s now just a collection of client server environments,
but what it is is that it’s sort of
00:02:00 Speaker 2
clustered together so that it creates one single entity. So instead of calling this sort of
a clustered or an array of servers, then they just decided to give it a more friendly name known
as the cloud. And generally, these environments are managed by very large providers. So Amazon’s
AWS is one, Microsoft’s Azure is another, but there’s several others as well. And so the great
thing there is that, of course, they have huge resources that are available to you. And they
also have all of the sort of technology support and understanding to be able to run these large
systems. The cloud is also virtually unlimited with computing power, storage, scalability,
and bandwidth. And I say virtually and put in quotes here in my presentation because, I mean,
there are physical limits. But it’s just that, again, these companies have thrown a huge amount
of resources into these environments. And as a result of that, it’s unlikely that you’ll attain
the sort of need that surpasses the ability for them to
00:03:03 Speaker 2
service you.
00:03:08 Speaker 2
Benefits and risks. So just like anything else, there are benefits and risks to this cloud environment.
I won’t go through every single one of them, but the benefits here really are tremendous when
it comes to a smaller financial institution. And the reason being is that in the past, you had
to have server rooms, you had to have dedicated hardware, and also an entire team to support
and maintain all of that. Now, if you didn’t do it, you had to outsource it to someone. And oftentimes,
that came at a very expensive price tag attached to it. Also, on top of that, you have the ability
now to, again, create entities that sort of sit outside of your own physical location. And as
a result of that, now, when it comes to disaster recovery, disaster mitigation, that’s something
that is a possibility, even for the smallest institution. Now, the big risks on all of this,
though, is that you do lose control of your data. And ultimately, that’s the question that many
of you are asking and where there’s
00:04:02 Speaker 2
concern. That is something that we’ll cover here in a couple of slides in terms of how you get
around that. But it is an actual concern and something that you do need to keep top of mind. The
other thing, too, is that depending on the type of services that you utilize from these providers,
sometimes it’s a shared space, which means that if something happens to the section of space
dedicated to another client, it may still potentially impact your space as well. And so, unfortunately,
when it comes to perception from a security perspective, your clients may unfortunately be
due some of those notices that you receive in the mail, that there was a breach in a certain cloud
provider, and ultimately your data may have not been compromised, but this is the warning anyway.
The other thing, too, is that for institutions that really want complete control of their hardware,
that is limited in this case. It’s not usually a big deal from a marketing perspective because
ultimately the tools that we use
00:05:02 Speaker 2
don’t really require a lot of sort of customization from a functional perspective. But in some
cases, there might be some case studies or use cases where more control of the hardware is needed,
and in that case, the cloud might be a limiting factor. And then also, this shouldn’t be a problem
for most smaller financial institutions, but if you start to make use of an extensive amount
of bandwidth or storage or resources, those costs can add up quite quickly. I still don’t think
that’s really a cause for concern here because the sites that we create from a financial services
perspective are not very resource intensive. Now, if you’re running a banking version of Netflix,
that could be a different story, but I don’t think that’ll be the case for most of us.
00:05:53 Speaker 2
So how to protect your data and reputation? The best thing to remember here is that the cloud,
again, it’s not public in the sense that everyone can see it, but it’s public in the sense that
it is accessible to a lot of people. So they have great security in most cases. It’s pretty much
a requirement, I mean, to the point where a lot of our government entities do trust the cloud.
So a bank or a credit union or any financial institution should be able to as well. But just keep
in mind that you still want to limit the personal information, the PII, and also transactional
data on these systems. So from a marketing perspective, you’re pretty safe to put marketing
data on the cloud, but I would avoid putting anything that is considered confidential. And
many cloud providers actually limit the ability to place confidential information, and in
fact, it’s against the terms of service. So just keep that in mind. It’s for their protection
and your own, but it’s just a pretty big point here is to
00:06:53 Speaker 2
make sure that confidential information and critical information remains on site and not
in the cloud. The next one is insist on the latest security standards, protocols, and best practices.
If you’re with the bigger providers, this is pretty much a given. But if you are using smaller
providers, then this is something that you need to make sure of just to make sure that your data
is being protected. And avoid the use of shared containers with other clients. Sometimes with
applications, this isn’t always possible, but as much as you can, try to avoid that. Because
again, if there’s a breach on one side, I’ve heard stories where a security breach on one provider
ends up exposing data from another provider because it’s just simply different folders. So
once they have access to like, let’s say, the administrator ID, then they can access all the
other folders, as opposed to if you have, let’s say, a virtual server that is sort of locked into
those walls of that server. And then be proactive
00:07:51 Speaker 2
if there is a security event at your cloud provider with your clients and your prospects whose
data you may have in the cloud. Let them know because the worst thing is to hear about it on the
news or a local media source and make it seem as if you’re trying to hide something. So transparency
is really the key here and let them know that it’s only marketing information that might have
been exposed. But again, these security breaches are very rare, but they do happen. And so that’s
why it’s best to prepare accordingly for them.
00:08:25 Speaker 2
So how do you use the cloud to your benefit? And that’s number one, embrace the cloud. So I know
that this still isn’t as much of a problem, but a few years ago, the cloud was this sort of unknown
entity and there was a lot of sort of hesitation from financial services organizations to make
use of platforms in the cloud. Now, the reality of it is that without embracing the cloud, you’re
missing out on some of the latest innovations and also the ability to provide the same services
and have the same functionality that the larger institutions do. So the only way to do that is
by leveraging cloud -based applications. So it’s almost a necessary evil that you have to embrace
it. Just make use of those precautions that I mentioned in the earlier slide and you should be
OK in terms of your data protection. You do want to maintain, though, a strict firewall between
your transactional systems and any cloud -based application. Just to make absolutely certain
that one isn’t going to leak into the
00:09:25 Speaker 2
other and the other way around. Oftentimes, if you do need to place transactional information
into the cloud, then use a coded value. So a representation, let’s say that if you’re looking
at a balance of a deposit, then you say that value one is between zero and $25 ,000 or something
like that, just so that there’s no actual data that is personally identifiable being placed
on this cloud environment. Instead, you’re using something that relates back to a value that
you have internally. Use built -in integrations and APIs to connect applications whenever
applicable. And this just helps to make sure that from a security perspective, all the latest
security protocols are being observed. Now, this isn’t always possible, and the reason why
I say that is because there’s still a lot of legacy applications within many institutions.
And in that case, you do need to create customized integrations and just make sure that you’re
up to date on the latest security best practices so that you don’t have
00:10:31 Speaker 2
any sort of issues that are related to potential data breaches. And the last thing here, the
last point that I’d like to make is that the cloud really is the way to go going forward. So, again,
there may be some hesitation because of some of these risks, but I’m just bringing them up for
the fact that there are risks, but the risks are minimal. And really, in order to be able to move
to the next generation of products, applications, and to meet client expectations, that’s
perhaps the most important part here. You do need to embrace the cloud applications, and that’s
something that you’d have to really consider in order to be able to remain competitive against
your peers and also the incoming fintechs that are trying to take over the space as well. So that’s
just a brief overview of the cloud. But if you do have any other questions, feel free to give me
a call or email me or reach me on LinkedIn. All my contact information is on this page. Or if you
have any other questions around just any
00:11:34 Speaker 2
of the topics that we’ve touched upon here. So with that, that’ll be the end of today’s presentation.
And until the next time, bye -bye. Have a great one.
