Cloud Computing: looking for erogenous zones at work

So yesterday was an outsourcing day. Or rather it was a virtualisation and cloud computing day. Or isn’t that the same thing?

Funnily enough, it was at a conference focused upon government issues in technology and information security, with lots of discussions about identity, secure email, information storage and data security best practices.

On the panel with me were various luminaries from the cloud and security areas, including a consultant, a University CIO and a lawyer.

Not sure what I was doing there really, but I guess they wanted the view from the industry that has the most secure systems.

Should have asked a retailer I guess, but they thought that me being a banking buddy could provide the insights they needed.

Anyways, the University CIO went first and she talked about outsourcing their email services to Microsoft’s cloud services.

It cost £300,000 to set the whole thing up, compared to an estimate of £3.3 million if they had done it internally.

The consultant went second.

He talked about all the issues and opportunities with cloud, covering the fact that it’s just a modern day version of outsourcing and that the legal and audit areas are still a little unclear.

I liked one quote he made: “the typical American firm with an internal IT operations service will spend $150 per annum to maintain and support the average desktop; using cloud computing, that figure would be just $1 per year.”

Nice comment, although not sure it can be substantiated.

Finally, the lawyer spoke.

He was a gifted speaker with lines like: “cloud is just old wine in new bottles ... the grandson of outsourcing”, and other such mumbo-jumbo.

He finished with talking about how he’s involved in the Government’s work to create the G-Cloud, a “mother of all frameworks” to rationalise the “440 local authorities with 440 IT systems” into something far more efficient, lean and mean.

“In these austere times, there is an increased appetite for risk”, he said, and that they were moving to “the edge of procurement law” in doing this.

All well and good, but they had set me up for last and, and those who know me well, you’ll know that going last will give me the chance to have a pop at some things discussed.

So I began by thinking about the G-Cloud and wondered where it would be located. Maybe in the G-Spot?

A bit like we put finance into the Cloud and, in the same way, would get the F in Cloud.

On a more serious note however, I referred to the survey we did last year, which showed that yes, cloud is well understood in banking as just mainframe computing, with the server outsourced and offering infinite scalability through the internet.

The survey showed that banks would consider cloud for mundane tasks such as the one cited by Visa, where they sent 70 terabytes of customer transaction data representing two years worth of information, and got it scrunched with deep data mining in 13 minutes using cloud services. It used to take their internal systems months to process such data and provide the analytics.

However, where banks have requirements to ensure bulletproof, risk-free processing, such as with payments and money movements, then a secure service is required either internally or through a secure privately owned collaborative cloud, such as SWIFT.

This is not because Payments-as-a-Service through a general cloud provider is not feasible or tenable, but more the control freakery of banks who see that it must be held and managed securely.

Interestingly, where cloud is taking off the most is in the capital markets space where the need to process tens of millions of trade order requests every second of every day lends itself well to the cloud capability. This is because it enables firms to handle the peaks and troughs, spikes and dips of order flows, without having to worry about server capacity or limitations.

For example, I only ever encounter Amazon and Google at conferences when I’m talking about trading technologies and architectures. That may change – Amazon popped up at a payments conference recently – but they’re not yet exhibiting at SIBOS or other such banking tradeshows. Maybe they will be soon.

We then got into a bit of a debate about legal matters – who’s liable if data is compromised in the cloud? – and privacy and identity – how can you outsource payroll? – and standards – SAS70, ISAE3402 and CSA – before concluding with the view that cloud services is growing, and will continue to do so, but only where firms are confident of the benefits and risks being maximised and minimised respectively.

Then it was off to talk about another disastrous NHS project overspend, before retiring to the bar for a severe case of tasteless austerity wine, and a long discussion about whether there really is a G-spot in Whitehall.

Nothing like mixing in government circles is there?