Source: Image by Gerd Altmann from Pixabay
Cloud computing is an essential aspect of business operations in the modern world, and the banking industry is no exception. It offers banks a flexible and cost-effective approach to deliver IT services. Hence enabling banks to focus on their core business activities.
Banks use the cloud to reduce capital and operational expenditure, improve efficiency, and deliver better services to their customers.
In Africa, cloud computing gained popularity among banks due to its ability to overcome the region’s infrastructure limitations.
African Banks face technology infrastructure challenges, such as power outages, limited connectivity, and outdated technology. These challenges have made it difficult for banks to offer quality services to their customers. As a result, cloud computing became an attractive solution.
Additionally, cloud computing saves money, associated with purchasing and maintaining on-prem hardware and software.
What to Move to the (Public) Cloud
Source: Image by Gerd Altmann from Pixabay
The first rule of cloud migration is to only migrate what makes sense.
First, identify what services or applications to move to the cloud. Banks in Africa identified non-critical and non-sensitive applications, such as email, document sharing, and customer relationship management (CRM), as good starting points.
This cautious approach allows banks to enjoy the benefits of cloud computing while minimizing the risks associated with migrating sensitive applications. Moving non-critical applications to the cloud can provide immediate benefits.
These applications shouldn’t have customer data and shouldn’t disrupt the bank’s operations. Once the bank has gains experience with these risk-averse applications, it has confidence to gradually move more critical applications to the cloud.
For example, First Bank of Nigeria initially moved its non-core applications to the cloud before migrating its core banking applications. However, refer to your local regulators; they’re the source of policy on data cloud migration.
Services and Features That Typically Get Migrated
- DATA: Static, SQL, NoSQL, File-stores
- NETWORK: Topology, VNETS, Subnets, LB4/7, Firewalls, VPNs, Routers, Connectivity, etc.
- COMPUTE: Applications and servers.
- DEVOPS: Build, Test, and Deployment processes.
- SECURITY: WAFs, Security groups, isolation, peering, secrets, keys, certificates, monitoring, etc.
- BUDGET: Controls and Monitoring
- OBSERVABILITY and SRE: Monitoring, Logging, Tracing, Alerts, Incident Management, Patching, etc.
- IAM: Users, Roles, Groups, Privileges, AD/LDAP, etc.
- CONTROL: Management and Oversight.
Migration Use Cases— When Do Businesses Migrate?
Migration use cases are specific scenarios or situations where businesses may need to migrate their IT infrastructure and services to the cloud.
These scenarios can vary depending on the type of business and the current state of their IT infrastructure.
Various factors can drive cloud migration and technical scenarios, including:
- Data
- Infrastructure
- Applications
Data Migration
- Static Data: BLOB (Binary Large OBject or basic large object) migrate using online transfer such as UPLOAD, RSYNCH (remote sync) methods and offline methods like transfer appliances or archival media depending on their size.
- File Data: Files and Directory data migrate using online transfer such as SMD (Signed Mark Data), UPLOAD, RSYNCH, and offline methods like transfer appliances or archival media depending on its size.
- (No)SQL Data: Database data should be exported and imported and “synching” through ETL methods, migration utilities, database file transfer, and virtualization lift and shift.
Infrastructure and Application Migration
It is usually the most manually intensive, requiring mapping physical infrastructure and topology to cloud provider-specific IaaS.
A typical approach might be the computer service migration which migrates application servers, applications, and server clusters to the cloud.
It is not just about migrating infrastructure but also refactoring service architectures for the cloud as well.
Common approaches are:
- Rehost: this is a lift and shift approach used to mirror existing servers “as-is” to the cloud. You virtualize the on-premises host and upload images to the cloud. Then, you create instance groups from those cloud image(s). In this case, you can use on-prem migration utilities from some cloud providers to guide the process. This is the easiest migration to do but does not take full advantage of cloud architecture.
- Re-platform: This is the migration of services to similar cloud-native technologies. For instance, application services like web servers, web APIs, and REST applications can be dockerized and hosted on container engines like Kubernetes. Then, you deploy them directly onto cloud-managed application sandboxes. However, application binary is not refactored, it is deployed “as-is” to a cloud-managed service.
- Refactor: Refactoring is about refactoring application architecture to fit the best available cloud services. This approach is dependent on architecture but would most likely include things like:
- Decomposing application logic into appropriate microservices or macro services
- Dockerizing and deploying to container services like Kubernetes
- Using native messaging and event services to provide inter-service communication
Containerization and Kubernetes
Docker and Kubernetes are two critical technologies everyone needs to know to benefit from migrating applications to the cloud.
Containerization
Docker is a tool that lets you create small and portable packages of all the software that your application needs to run. These packages are called “images.”
Once you create an image, you can run it on any computer that supports Docker. This makes it easy to move your application from one computer to another.
Docker images are much smaller than traditional virtual machine images, and they are easy to scale up or down. This means you can run your application on many different computers at once.
Docker is an important tool for modern cloud-based applications, but it can be used on any computer.
Kubernetes
One of the most popular container orchestrators is called Kubernetes, and it’s used by a lot of companies to help them run their applications on the cloud.
This type of tool is important when running your applications on a cloud platform. This is because it can help you take advantage of things like scalability (being able to easily add more resources when you need them), managed services (where the cloud provider takes care of some of the work for you), and cost savings.
Source: Cloud Migration Strategy by Alexander Wagner
Planning
Source: Image by Gerd Altmann from Pixabay
Cloud migration involves moving data, infrastructure, and applications to managed cloud services, such as infrastructure as a service (IaaS) or platform as a service (PaaS).
To ensure a successful cloud migration strategy, businesses must consider technical and business objectives and prioritize incremental migration based on business priorities.
They can use “rehost,” “re-platform,” or hybrid cloud strategies to minimize the work involved in the migration process.
Refactoring migrated services to optimize their use of the cloud is not always necessary, but it can be done gradually in small bits to gain benefits.
Becoming cloud-native is crucial for business success, as cloud-native services are designed to take advantage of the features and capabilities of the cloud, such as scalability, high availability, and elasticity.
Strategies for cloud migration include the 6-Rs approach:
- Rehost (Lift and shift): virtualize and move services “as is” to the Cloud. They are usually used for proprietary application services like web or on-premises applications.
- Re-platform: move on-prem services “as is” to the Cloud using cloud-native alternatives—e.g., cloud-managed databases. It can also include moving to PaaS services.
- Repurchase: move services (where available) to a SaaS offering.
- Refactor: partially or fully redesign the service architecture best to use cloud-native services, e.g., microservices.
- Retain: keep some services—usually legacy or highly custom backends—where they are.
- Retire: replace existing services with cloud-native services as much as possible.
It is essential to monitor and manage the cloud environment throughout the entire project, which typically includes several key stages, such as:
- Discovery- defines the business and technical case/scope, plus assets to migrate (scope of migration, business due diligence, technical due diligence, and Asset and discovery)
- Assessment– plans the migration and see potential methods of execution (business assessment technical assessment and poc(s) migration and backlog and MVP migration planning and approval)
- Migration- runs the planned migration steps, both technical and organizational (Technical Migration, Organization Migration (Processes and Structures), Stabilization, Prep handover to SRE/OPs)
- State Running- runs team maintenance going forward (SRE/DevOps team(s) manage as Business Impacts
Like any organizational change, potential impacts need to be considered. The impact depends on the adopted approach and the migrated or transformed applications’ architecture.
Positive
- Cheaper Costs: Customers only pay for what they use (metered service).
- Managed Services: Patching, upgrades, availability, etc., of services, are managed for customers.
- Elasticity: Services can scale automatically based on demand.
- SRE (Site reliability engineering): Supporting technologies like monitoring, tracing, DRaaS, etc., are provided for customers and can be more closely integrated out of the box.
- Control: Customers can choose the level of control that they want using IaaS and PaaS.
- Empowerment: Teams can potentially own their services all the way into production.
Negative
- Reskilling: Organizational reskilling is required for IT functions.
- Control: There is some loss of control over the environment.
- Processes: Business practices and structures may have to change or adapt to better support the Cloud (DevOps and Ops/SRE).
- Refactoring: Applications and services may need to be refactored to better use “modern” architectural patterns.
- SRE: Existing solutions for monitoring and recovery may need to be replaced as well, as the increasing cost.
- Downtime: Downtime for the migration might be an issue.
What to Leave On-Prem (Private Cloud)
The second rule of cloud migration is migration can be done incrementally.
Although cloud computing offers numerous benefits to banks, some processes are better left on-prem. Processes that require high levels of security or regulatory compliance, such as payment processing or Know Your Customer (KYC), should remain on-prem.
This ensures that sensitive information is not compromised while providing banks with the benefits of cloud computing. After all local African cybersecurity policy and enforcement is underdeveloped.
The third rule of cloud migration is hybrid cloud approaches allow the “best of both worlds.”
However, banks can still leverage the cloud’s benefits by implementing hybrid cloud solutions, where sensitive applications are kept on-prem while non-sensitive applications are moved to the cloud.
Navigating Compliance
Banks in Africa adhere to strict regulatory requirements. Therefore, compliance is a critical part of cloud computing. Banks must ensure their cloud providers meet the required regulatory standards and compliant with local and international laws.
For example, the Nigerian Data Protection Regulation (NDPR) requires banks to store customer data within the country’s borders. Banks must, therefore, partner with cloud providers within Nigeria to comply with the NDPR.
Another example is, the South Africa Protection of Personal Information Act 4 of 2013 requires cloud providers to implement appropriate security measures to protect personal data.
Other Commonwealth countries like Kenya borrowed their cloud policies from the UK, General Data Protection Regulation (GDPR). Banks’ customers in those countries have more control over their data.
Monitoring Cloud Performance
Source: Image by Gerd Altmann from Pixabay
As African banks continue to adopt cloud technology, it’s crucial that they establish effective monitoring practices. These will ensure the security and efficiency of their private and hybrid cloud environments.
Auditing access controls, user activities, and system configurations for their private clouds can prevent unauthorized access or data breaches.
Also, they should manage data transfers between on-premises and cloud environments. Monitoring performance metrics such as response times and availability are also essential for hybrid clouds. This practice maintains data integrity and complies with regulatory requirements.
For instance, a bank that uses a hybrid cloud might need to monitor data transfers between its on-premises financial system (FS) and its cloud-based customer relationship management system CRM) to ensure the privacy and security of sensitive financial information.
Automated tools and trained personnel can help with monitoring and promptly responding to incidents, thereby reducing risks and maximizing the benefits of cloud technologies.
Security
Source: Image by ambercoin from Pixabay
Cybercrimes affect all countries, but weak networks and security make countries in Africa particularly vulnerable.
Throughout the entire project, it is essential to continuously monitor and manage the cloud environment to ensure that it remains secure, cost-effective, and aligned with the business objectives.
Monitoring involves ongoing maintenance and support, as well as periodic optimization and updates to the infrastructure and applications. The typical methodology for a cloud migration involves several key stages, including:
- Analysis of technical and business needs
- Planning and evaluation of resources
- Design and construction
- Testing
- Migration
- Monitoring
While Africa has an estimated 500 million Internet users- 38% of the total population- leaving huge potential for growth. Additionally, Africa has the fastest growing telephone and Internet networks in the world and makes the widest use of mobile banking services.
This digital demand, coupled with a lack of cybersecurity policies and standards, exposes online services to major risks.
As African countries move to incorporate digital infrastructure into all aspects of society – including government, banking, business and critical infrastructure. Therefore, it is crucial to put a robust cybersecurity framework into place.
“Not only do criminals exploit vulnerabilities in cyber security across the region, but they also take advantage of variations in law enforcement capabilities across physical borders,” said Craig Jones, INTERPOL’s Director of Cybercrime.
Importance of Localized Support
Source: Image by John Hain from Pixabay
Banks in Africa require local support from their cloud providers to address the region’s unique challenges.
Local support ensures that the cloud provider understands the local regulatory requirements, infrastructure challenges, and cultural differences.
Cloud providers must also offer local language support and have a local presence to provide quick response times. For example, Oracle and Microsoft, a cloud provider, have established a data center in South Africa
How Can we Help?
Banks across Africa are adopting various digital transformation trends to enhance scalability and streamline core operational areas.
Many businesses are unaware of cloud migration projects and related services, as they require a complete transition and a well-crafted plan.
However, the latest cloud migration tools can fully streamline the migration process. This is where Finsense Africa comes in to create a roadmap and consult on industry best practices before projects start.
Access to IT resources and services without the burden of owning and maintaining the underlying infrastructure is one of the many benefits of migrating to the cloud. However, the existing infrastructure should have capacity to support migration and seamless hybrid cloud.
Sources:
0 Comments