The banking industry has changed dramatically over the past two decades – a 2021 report from Google found that the “vast majority” of financial services companies, including banks, are already using the public cloud and that interest in multi-cloud migrations remains strong. But the underlying IT infrastructure of many banks is still catching up with these digital transformation changes, which has created several new challenges for leaders and teams responsible for maintaining and securing applications and networks on which banks rely on. These include providing service agility, maintaining a positive user experience, and keeping their data secure. A solid observability strategy and practice helps solve these challenges. Here’s how.
Changing habits, changing traffic
More customers than ever before are banking remotely via mobile devices – 169.3 million in the US in 2021. This means that the network traffic generated by these customers is coming from many distributed locations and is much more difficult to manage and manage for the IT department. observe. Centralizing applications and data clusters in a few data centers no longer fits this scenario (users close to that data center would get a much better experience than a center on the other side of the world, for example) . When most people banked in person at a local branch, internet link usage followed regular patterns; it would be high during working hours and concentrated in major metropolitan areas. Now, customers can bank anytime, from anywhere, and banking IT teams are struggling to adapt to new models, both from a customer experience perspective and from a data management perspective. security. In response, banks are moving workloads and applications to the cloud in droves. Many are now using a distributed services model, with applications hosted on the hybrid cloud and at the edge point closest to the user (i.e. edge computing). Most banks also use more than one cloud, and coordination between multi-cloud and on-premises systems creates even more challenges for IT.
Banking IT managers (CIOs and CISOs) face three main challenges due to these changes:
- Service agility: Banks operate in a highly competitive environment and the deployment of new digital services (such as mobile banking, check deposits or wire transfers) is a constant race to stand out from the competition. These services must be deployed on time and without a hitch.
- User experiences: The performance of these new services is important. In a mobile-centric world, users are very sensitive to the slightest delays, latencies or non-responsiveness. Service components and chaining must be thoroughly tested and observed prior to production commissioning.
- Security Guarantee: Banks are high-value targets for attackers and fraudsters, and need to secure huge amounts of sensitive customer data, their assets and other financial information. They must always stay a few steps ahead of their competitors.
Observability, from a network perspective, means that IT can see what is happening on the network in a holistic sense, easily determine why it is happening, and figure out how to fix it. IT needs to plan ahead and implement observability systems before or during a cloud transition as banks become more hybrid, multi-cloud digital service providers. Here’s how it works with each key challenge, in detail.
Hosting new services in the cloud requires them to be architected and deployed much faster. Development teams don’t have to worry about allocating servers, storage, bandwidth, hardware, etc. ; and scalability becomes elastic. But migrating to the cloud means losing control in some dimensions. – IT DevOps and NetOps do not have easy access to network data from the cloud as they would on premises. The IT team will need a way to access network data for troubleshooting and optimizing/tuning new services before going live. If network observability does not follow these services to the cloud, blind spots and disruptions occur, delaying service deployments, which is a competitive disadvantage and impact the bottom line. Because of these high stakes, observability should be in place before services migrate to the cloud.
For example: if a bank is rolling out a new service such as mobile check deposit, and it keeps crashing during testing, while there are no observability tools and mechanisms in place to solve problems, the bank may have a competitive disadvantage and face customer churn since post-pandemic, many users expect this to be a basic service.
In a hybrid cloud-based architecture, different service components reside in different locations and even on different clouds. This adds connectivity and latency issues and significantly affects the overall user experience compared to on-premises, where latency between service components is minimal. There is also additional cost and complexity. IT must reference and adjust all components of the service chain to adapt to these changes.
Users, of course, expect the same or better experience despite all the back-end changes. To avoid this, IT needs observability to know the latency of each part of the service chain and proactively monitor issues before users complain. Again, this needs to be in place before users start using the services.
For example: if a mobile check deposit does not go through, takes multiple attempts, or is extremely slow, the user will be frustrated. If logging into a mobile banking app takes too long, the same will happen.
A breach can have huge repercussions for a bank, such as customer/business churn, legal liability, and reputational damage. Banks must be able to secure their applications, data and infrastructure. Observability contributes to this in several ways. First, it allows the SecOps blue team (with help from NetOps) to observe east-west traffic within the hybrid cloud for non-traditional intrusions such as malware or ransomware or fraudulent transactions. This is vital since most transactions take place here. Second, observability solutions that can collect network data from all parts of the hybrid cloud expose blind spots where threats can go unnoticed. In the case of the public cloud, while cloud providers will secure elements of their infrastructure, security within bank VPCs remains the IT responsibility. Observability also enables faster incident response and forensic analysis.
For example: Unusual network activity, such as a bank statement download or a transfer of a large amount at an unusual time from an unusual region or device, may signal attempted fraud. Access to network data, analysis and replay capabilities helps track down threats.
Hopefully the above key challenges and how they can be addressed through an effective observability strategy sheds some light on how this helps banks stay on top of their business. The result is usually increased transaction speed, improved user experience, and stronger security.