Download - EY Trajectory_Final

1

Binghamton Bank IT SolutionsImplementing the Cloud

SaaS Team

Eugene Br izo , John Montesano, Jess ica Vinokur, Dan ie l Wang

IaaS Team

Br ian Hum, Chr is Lo, Rober t P im, Anna Pr ig l

2

I. BackgroundII. Cloud computing overviewIII. Software-as-a-service (SaaS) overviewIV. Big data utilizationV. Infrastructure-as-a-service (IaaS) overviewVI. Business impact analysis tool overviewVII. TimelineVIII.Conclusion

Agenda

3

Background

Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline

• Binghamton Bank Corporation, under the head of a new CEO, has a new goal to transform current systems to match business needs• Better understand the future needs of their customers and investors• Track and identify customer buying patterns and investor needs• Upgrade financial applications and underlying infrastructure

• Underwent some technological challenges in the past year• February 2014 – software upgrade froze the bank’s systems• July 2014 – the bank’s web application went down

• CIO suggested to move existing applications to the cloud• Allow flexibility and scalability to better suit the needs of the company

• Stay ahead of competition by working with big data• Reduce costs, increase efficiency, and create insights to customer and investor data

4


Query Time

Scalability

Cost

Current State With Cloud Computing

One Hour Twenty Minutes

Limited Fast, Efficient

Fixed Pay per use

Data Analytics Slow, Inflexible Fast, Flexible, Visually Appealing

Our Purpose

5

• Cloud computing is the practice of using remote servers over the Internet to store and access data rather than connecting to a local servers

• Cloud computing has three main services:• Infrastructure-as-a-service (IaaS) – the provider offers hardware to the user via a virtualized

interface.• Platform-as-a-service (PaaS) – the provider offers hardware plus a computing platform to

the user.• Software-as-a-service (SaaS) – the user is able to access different types of applications

from the provider.


Cloud Computing Overview

6

Cloud Computing: Benefits


• Cheaper than in-house servers• Smaller IT staffPrice

• Faster, more effective software• Greater computing powerEfficiency

• Able to utilize more cloud resources immediatelyScalability

7

Applications

Runtimes

Security

Databases

Servers

Virtualization

Server Hardware

Storage

Networking

Applications

Runtimes

Security

Databases

Servers

Virtualization

Server Hardware

Storage

Networking

Applications

Runtimes

Security

Databases

Servers

Virtualization

Server Hardware

Storage

Networking

Applications

Runtimes

Security

Databases

Servers

Virtualization

Server Hardware

Storage

Networking

Traditional IT IaaS PaaS SaaS

Managed InternallyManaged by Cloud Provider


Cloud Computing Overview

8

• SaaS providers host applications which are made available to customers over a network, typically the Internet

• Binghamton Bank has currently implemented SaaS for two Banking Applications:• WeCare• Mobile Banking Application

• With SaaS individuals no longer download and install programs on individual computers

• All programs are updated and maintained by the SaaS cloud provider

• These programs offered on the cloud are accessible from almost anywhere

Cloud Computing: SaaS


9

Cloud Computing Risks Mitigation of Risks: SaaS

Data Breaches: • Cloud service providers host information from customers

spread across the world• This makes them large targets for information hackers

• Create long, complex passwords every 60 to 90 days• Encrypt data through the use of keys, digital signatures, and

other security applications

Outages:• Reporting outages due to power failures, natural disasters, etc.

takes longer due to longer lines of communication between the business and the cloud service provider

• Develop a Disaster Recovery/Business Continuity plan, including recovery services

• Keep customers informed throughout the disaster response process

Non-compliance:• The company must follow all legal and regulatory requirements

that apply to its information being stored on the cloud.• These requirements include: PCI DSS, GLBA, ISO, etc.

• Define the services used through the SaaS provider, with any restrictions, regulations or compliance issues that need to be satisfied


Risks & Mitigation of Cloud Computing

10

Leading Customer Relations Management

Tool$3,000/Month

Private Cloud Offering $4,240/Month

Big Data Analytics Application $2,500/Month

Most Application & Service Offerings to Banking

Industry$1,890/Month

Competitive Advantage CustomersCost Per Office


SaaS Cloud Provider List

11


SaaS Cloud Provider Comparison

Cost Security Financial Stability Services Provided1

1.5

2

2.5

3

3.5

4

4.5

5

SalesForce Oracle Workday SAP

12

Yes No

No, Offers SaaS Extension on PaaS

Yes, Provides Pre-Built Applications

Yes, Multiple Preventative Security Procedures

Yes, Received TrustE Trusted Cloud Certification & More

$4,240 Per Month $2,500 Per Month

Private Cloud Offering

Standalone SaaS

Security and Disaster-RecoveryPrice Per Office


SaaS Cloud: Oracle & Workday

13

• Implemented two methods of data analytics to test the optimization of analyzing large-scale data• Using Binghamton Bank’s customer profiles

• Method 1: Microsoft Excel• Pivot charts were more complicated to calibrate to the exact specifications of a relationship• Visual representations were less cooperative in displaying meaningful trends

• Method 2: Spotfire Data Analytics• Immediately converted data sets into graphical displays that are easily manipulated and customized• Provided significantly more options for creating relationships between different variables in a data set• Increased speed allowed for a more efficient and accurate method of determining trends and drawing

conclusions


Spotfire Data Analysis

14


Data Analysis: Service vs. Age

15


Data Analysis: Services vs. Education

16

• Total Average Services vs. Age• Users of later generations tend to use more of Binghamton Bank’s services• Utilize SaaS mobile banking applications, appealing to more earlier, more technology-focused

generations through increased mobility• Applications should be kept simple and easy to use for sustain current users

• Total Average Services vs. Education• People with less education tend to utilize more of the Bank’s services• Applications should sustain usability to retain that less educated audience• Develop more advanced banking applications in the cloud that cater directly to those with

more education• Maintain the same level of usability and accessibility


Recommendations from Data Analysis

17

• The use of data analytics in the cloud can be enhanced via a “big data” system• Big data allows for an organization to handle data with velocity, variety and volume

• The use of big data will allow for Binghamton Bank to respond to problems faster while incurring fewer costs • The scalability of computing power will allow Binghamton Bank to run processes faster• The elimination of on-site hardware will allow Binghamton Bank to decrease costs

• Big data will allow for Binghamton Bank to improve customer relations management and make Binghamton Bank more efficient

• Big data providers like Hadoop and Palantir offer unique solutions that can help Binghamton Bank to automate some functions


Utilization of Big Data

18


Utilization of Big Data

Good

Inadequate

Failure

19

• IaaS provides the following infrastructure for companies• Hardware• Storage• Memory capacity

• Binghamton Bank has currently implemented IaaS for three Banking Applications• Enterprise Content Management• Development & Testing• BackUp

• With IaaS, users have the ability to scale how much storage and memory they need• Companies have more control over how much they use based upon how much they

need• IaaS is also accessible from any location provided there is an internet connection

Cloud Computing: IaaS


20

Cloud Computing Risks Mitigation of Risks: IaaS

Data Breaches: • Cloud service providers host information from customers

spread across the world• This makes them large targets for information hackers

• Extend access management services into the IaaS cloud provider

• Ensure that Binghamton Bank has access to the necessary resources needed to ensure the applications and systems are secure.

Outages:• Reporting outages due to power failures, natural disasters, etc.

takes longer due to longer lines of communication between the business and the cloud service provider

• Develop a Disaster Recovery/Business Continuity plan, including recovery services

• Perform periodic backups of sensitive data

Non-compliance:• The company must follow all legal and regulatory requirements

that apply to its information being stored on the cloud.• These requirements include: SOX, GLBA, ISO, etc.

• Have a team devoted to ensuring the data is under the right encryptions and controls in place

• Make a thorough overview of the IaaS Provider of their security measures as well as level of segregations


Risk and Mitigation of Cloud Computing

21

Breadth and Integration of Wide Range of Services $70/Month

Supports High Demanding Cloud Applications $428/Month

Suitable Infrastructure for Big Data Analytics $86/Month

Global Servers and Granular Control over

Infrastructure$74/Month

Competitive Advantage CustomersCost Per Instance


IaaS Cloud Provider List

22

Cost Security Financial Stability Services Provided2.0

2.5

3.0

3.5

4.0

4.5

5.0

IBM Managed Cloud Services Amazon EC2 Cloud Services Google Compute Engine OpSource

Cloud Provider Comparison


23

IBM Cloud Managed Services Elastic Compute Cloud

Ten Data Centers Across Five Continents

Data Centers Across Four Continents

Full Range of Cloud ServicesMigration of Applications

Variety of Services and Monitoring Tools

$428 per Month $70 per

IaaS Provider

Data Spread

Competitive Advantage

Estimated PricePer Instance


IaaS Cloud: IBM & Amazon EC2

24

Determines the risks associated with having Binghamton Bank’s applications on the cloud

Calculates impact scores that allow users to easily compare risks and determine which are the most significant

Generates procedures to help mitigate theses risks for Binghamton Bank


BIA and Risk Prioritization Tool

25


Tool Demonstration

26

• Utilized the tool to analyze data on hypothetical cloud failures that were provided by Binghamton Bank• Binghamton Bank provided us with data that described how a certain technology failure would

affect the bank• Found some key applications that were at risk and that should be treated with caution

• Devised a strategy to mitigate the risks associated with moving these applications to the cloud• Detected some key failures that would significantly impact Binghamton Bank

• Created recommendations to ameliorate the risks associated with these impacts


Data Analysis

27


Significant Issues and Failures

28


Significant Data Types

29


Critical Applications

30


Insignificant Applications

31

• Move the PayNow application and the Loan Default Management application over to the cloud first will help to limit the risks of migration• These are the only two non-critical applications not on the cloud

• Migrate Change Detect, the Core Banking Application, and Card & ATM Management to the cloud last • This will allow for the IT team to acquire experience before moving significant applications to

the cloud• Use the migration of the Enterprise Content Management application as an example for the

eventual migration of the applications listed above


Recommendations: Cloud Migration

32

PayNow (SaaS)

Loan Default Management

(SaaS) Card & ATM Management

(IaaS)

Core Banking Application

(IaaS)

Change Detect (SaaS)


Recommendations: Cloud Migration

33

• Cloud Assessment • Perform an assessment of the cloud in terms of finances, security, and technical capabilities

to determine if the cloud provider is suitable for Binghamton Bank• Proof of Concept

• Select a cloud provider based upon the assessment• Begin deploying small miniature applications to the cloud to ensure the application is running

smoothly on the cloud• Data Migration

• Consider different storage options and develop a data segmentation strategy to effectively migrate sensitive data over to the cloud


Cloud Migration – Projected Timeline

34

• Application Migration• Determine strategy that will least disrupt current business activities when migrating to the

cloud to ensure that business functions are still operating while applications are moving to the cloud

• Adopt a forklift application strategy or hybrid application strategy• Create a “cloud-aware” code for the application to help adjust the application when moving to

a different computing platform• Leverage the Cloud

• Expand scalability and attempt to automate elasticity to offer the extra benefits of using a cloud versus the legacy system

• Ensure the right encryption and security measures are in place in order to be in compliance with regulations

• Implement a dashboard to help monitor use of cloud resources



35

• Optimization Phase• Observe different load patterns to help manage elastic environments more effectively• Continuously run the application over the cloud to find the best practices and update the

application when different regulations are enacted• Employee Integration

• Inform company of success of migration and train employees on how to utilize the application to help employees feel at ease with the new software

• Gather employee feedback to optimize success of cloud applications



36



37

Recommendations

SaaS Provider: Oracle and Workday

IaaS Provider: IBM or Amazon

Leverage Big Data into Bank

Migrate PayNow & Loan Default

Management Apps

Conclusion

38

Questions

39

◦ Tableau data analysis and recommendations◦ IBM Managed Cloud Analysis◦ Amazon EC2 Cloud Analysis◦ Google Compute Engine Analysis◦ OpSource Analysis◦ IaaS Cloud Provider Cost Analysis◦ Laws, Regulations & Standards◦ Risk Prioritization Calculations and

Classificaitons

◦ We’ll use this side once we add more to the appendix

Appendix

40

Tableau – Data Analysis

41


42


43


44

• Diversify into other geographical areas• Iowa and New Jersey have the lowest debt to income ratios which shows that they can take

on more debt• District of Columbia and New Hampshire have the highest monthly incomes which shows they

can pay off more loans• Expand the sub-prime credit business

• Make loans to people to the sub-prime segment (625-650 FICO)• Expanding economy will improve the ability for people to make payments• Take advantage of low debt to income ratio trend in sub-prime sector

• Expand loan allocation towards housing and home improvement segment• Take advantage of an improving housing market• Diversifying loan purpose away from debt consolidation and credit card loans

Recommendations from Data Analysis

45

• Very large cloud provider with 10 data centers spread throughout 5 continents• They are looking to expand to 40 data centers located in every major financial center

• Created for enterprises that value security and ease of access • Just opened a Cloud Resiliency Center in North Carolina to cut recovery times by 24-48 hours• Payment Card Industry Certified, HIPPA Compliant• Unique security and authentication model with a firewall with an optional VPN gateway• Data centers use IBM Power Systems and System X servers with Tier-1b storage

• Their cloud environment allows for IT Teams to set up applications within days

• IBM provides compliance services and other IT advisory services

IBM Managed Cloud Offerings

46

• IBM Managed Cloud Services has one of the highest costs• Our comparative cost put it at $428.32 per month• The average billing for a month of services was $7,000• Lost a CIA contract in part due to their billing mechanisms but have fixed the problem

• Having data centers spread throughout the world adds some risk to the platform• If Binghamton Bank stores data overseas then they will have to watch international laws• Having data overseas also opens up Binghamton Bank to data breaches• IBM allows for customers to select which data facilities they want their data in

IBM Managed Cloud Costs and Risks

47

• Very large cloud provider with many data centers spread throughout four continents

• Amazon EC2 has a wide variety of customers• Many start-ups take advantage of Amazon’s cloud services and the CIA also uses Amazon

• The Amazon EC2 Platform also has many built-in security features• Created customer access points that allow for secure HTTP access• AWS Identity and Management tool allows customers to control the level of access for users• Users can also have the data and objects encrypted using Advanced Encryption Standard 256

• Amazon Cloud Watch provides real-time monitoring on resource utilization• Also allows for one to set up an automatic scaling features to manage instances

Amazon EC2 Offerings

48

• Amazon has designed their payment plans so that you pay for what you use• In our comparative cost analysis Amazon charged the typical rate for a cloud provider• Pricing model is extremely scalable and allows for flexibility in computing power

• Amazon has been in the news for data center outages and service problems• In April 2011 the EC2 system crashed and took down many websites of some very prominent

companies and also wiped out some firms’ data• In October 2012 a data center outage took down Foursquare and Flipboard• In August 2013 an EC2 data center in North Virginia experienced a hardware failure and caused

problems for Instagram, Vine, AirBnB, and Flipboard

Amazon EC2 Cloud Costs and Risks

49

• Google Compute Engine is built on the same global infrastructure as their other japplications like YouTube and Gmail• Google also has a built-in load balancing service that spreads heavy workloads over their global

infrastructure• Google’s offers many services and a large global infrastructure which allows for fast processing

speeds throughout the world

• Google’s Auth 2.0 allows you to leverage Google Cloud Storage• Google’s virtual machines run with Linux applications

• Google is certified by ISO 27001 and SSAE-16

• Completed SOC 1 2 and 3

Google Compute Engine Offerings

50

• Google’s pricing is very scalable and is dependent on computing power• In our comparative cost analysis Google was the most expensive excluding IBM

• Google’s security has come into question recently• Google handles large quantities of confidential information (Gmail, Payment Information, etc.)• In March 2011 150,000 accounts were deleted from Google’s system• In September 2014 5 million Gmail usernames and passwords were stolen in a data breach• Brings into question the security of Google’s cloud platform

Google Compute Engine Costs & Risks

51

• OpSource has nine data centers spread over five continents• The services that they offer are called Private Compute as a Service• This service allows for controls over virtual servers, tiered storage, and networking• Allows clients a private cloud environment for computing supported by Dimension Data

• OpSource employs an Applications Programming Interface to automate and control the fvirtual server, storage, and network environment

• The platform has a 99.99% SLA and 24/7 support that assists its cloud services

• OpSource takes many security measures including firewall technology, VPN, and jIntrusion Detection Systems• They also have a Dimension Data Security Incident Response Team• OpSource is compliant with PCI, SSAE 16, and SAS 70 Type 2 certifications

OpSource Offerings

52

• OpSource offers a very scalable monthly pricing model• Pricing is based on storage utilized and processing power• For our comparative pricing calculation OpSource had comparable pricing to Amazon EC2

• OpSource has data centers spread throughout the world which brings up many risks• OpSource limits the risk of having data centers spread throughout the world by having strong

location protections • OpSource builds all of their data centers are built above sea level and are built in areas with

seismic compliance

OpSource Costs & Risks

53

Assumptions:

• 730 hours in an average month

• 264 operating hours (9AM-9PM each

week day; 34 hours of maximum operating

activity per month, 44 high activity, 186

medium activity)

• 174 remaining hours of medium activity

• 292 remaining hours of low activity

Activity Level Hours/Month

Low Activity 292

Medium Activity 360

High Activity 44

Max Activity 34

Comparative Cost Calculation

54

Activity Level Cost/HourLow Activity $0.036Medium Activity $0.133High Activity $0.266Max Activity $0.532

Activity Level Hours/MonthLow Activity 292 Medium Activity 360High Activity 44 Max Activity 34

Activity Level Cost/Hour Hours/Month Cost/Month

Total Cost/Month

$88.184

Low Activity $0.036 292 $10.512Medium Activity $0.133 360 $47.880High Activity $0.266 44 $11.704

Max Activity

$0.532 34 $18.088

Comparative Cost Calculation

55

•Founded 15 years ago

•Designed only to provide Software-as-a-Service

•Public company with market cap of $35.7B

•Increasing revenues but negative net income

•Primarily provides CRM tools

•Service Cloud : $300 Per Month

•Data.com : $165 Per Month

•Total monthly cost per office: $3,000

Provider Overview: Salesforce

56

•Workday is solely a software-as-a-service company which provides a variety of applications

•These applications include human capital management, financial management, and big data analytics

•Workday also has an integration cloud which provides Platform-as-a-Service

•Workday’s revenue is rapidly increasing but it’s profits are becoming more negative

•Security is a top priority for Workday. It has many certifications and is very secure


Provider Overview: Workday

57

•Oracle is the world’s second-largest software creator after Microsoft, providing cloud-based IT environments including software-as-a-service, platform-as-a-service, infrastructure-as-a-service and data-as-a-service

•Delivers a complete range of production-level business applications for various parts of the enterprises it caters to; a one-stop-shop for corporate software

•Oracle has grown from a net profit of $9.9 billion in 2012, to nearly $11 billion in 2014

•Oracle implemented logical security at every layer of the technology that supports the business applications, as well as physical security in their global centers

•$175/Month for Oracle’s Database Cloud Service, additional $249/month for Oracle Java Cloud Service- SaaS Extension


Provider Overview: Oracle

58

•SAP offers many different cloud computing services including IaaS, PaaS and SaaS

•SAP provides many software applications designed specifically for financial institutions including SAP Simple Finance and SAP Financial Services

•Cloud computing services has been growing, last year cloud revenues grew nearly 90 percent to $68 million

•Security is a top priority at SAP, some of the security applications include reverse proxy farms, data encryption, multiple firewalls, etc.


Provider Overview: SAP

59

Standards and Regulations

60


61

Payment Card Industry Data Security Standard• Created to protect cardholder information• Institution must maintain a current diagram that shows how all cardholder data flows

across systems• Outline which requirements are managed by the service provider and which are managed

by the entityFederal Financial Institution Examination Council• Provides a guideline for banks that are deciding to implement cloud computing• The board of directors for a bank is responsible to determine if the provider’s service is

secure, safe, and in compliance with any laws and regulations


62

Input •Breaks all input into four main categories: financial impact, regulatory impact, customer impact, and public image impact•There is a fifth category that is used to label the risk

Calculate •All input regarding each category is quantified on a scale from 0 to 100. With 100 having the most impact•Certain categories are weighted more than others for the total impact score•The order of importance from most to least is as follows: Financial, Customer, Public Image, and Regulatory

Assign •Assigns each risk a rating of significance in a five tier system•These ratings allow for easy comparison between risks

Impact Calculations

63

High

Medium-High

Medium

Medium-Low

Low

ImageMonetaryOperational

Relative Impact

Ris

k Ty

peRisk Classifications

Download - EY Trajectory_Final

Top Related