No matter how much you like your living room, you probably wouldn’t expect a fish to thrive there without a tank. Likewise, you wouldn’t put a coffee table in your swimming pool. Things belong in the environments where they perform best. That’s true as your organization decides whether to continue to utilize cloud computing for your data or shift back to an in-house data and application management solution. This trend of companies moving data and operations that were previously migrated to the cloud back to an in-house solution is being deemed “cloud repatriation”.There are many good reasons to like cloud computing. In general, it can let users quickly add or remove resources in response to changing business needs, may help save money on the cost of hardware and software, and can offer a secure place to store and process data. Drawbacks of the CloudHowever, cloud computing also comes with drawbacks. It typically operates on a pay-per-use model, and a busy community financial institution (CFI) could find that the costs mount, eventually totaling more than the cost of in-house infrastructure. On top of that, the cloud’s standard security isn’t necessarily up to the same level that a financial institution might prefer for protecting sensitive data. Network latency and resource availability can affect the performance of cloud-based software, potentially leaving organizations in the lurch just when they need high performance. One recent example of this is the global outage that Microsoft experienced on July 19, which disrupted all Windows operating systems and caused flight cancellations and medical procedure delays or cancellations, among other outages. Microsoft’s cybersecurity vendor, CrowdStrike, missed an error in a software update that was meant to protect client software from cybersecurity attacks. Instead, the update caused a massive IT outage. On July 30, Microsoft’s cloud computing platform, Azure, experienced a cyberattack that, once again, caused an hours-long outageA survey by cloud insurance provider Parametrix shows that July’s outage could cost Fortune 500 companies $5.4B, $1.15B of which counts as a direct loss for Fortune 500 banking. Estimates show that cyber insurance typically covers only 10%-20% of the losses from this type of outage.Managing data and software in the cloud can be complicated, as well, and it’s often difficult to switch cloud providers once an organization is deeply embedded with a given vendor.Reasons Financial Institutions Are Leaving the CloudIssues related to these factors have begun to push data-intensive businesses, including financial institutions, to repatriate computer operations from the cloud to onsite solutions. A recent Citrix poll showed that 94% of businesses had moved some of their data and applications out of the cloud and back to onsite computers. Their reasons? Unexpected security issues (41%), high project expectations (29%), and a failure to meet or set expectations (23%) topped the list.By migrating some data and applications away from the cloud, businesses hope to gain:
- More consistent and stable costs. Not every business finds stable, predictable costs in the cloud. Moving computing to onsite premises can help them get rid of cloud billing structures, which are often complex. A cloud provider might charge different prices for different resource types, with computing, storage, and networking all carrying separate price tags. They may also charge extra for usage spikes. A CFI may find that leaving the cloud lets it save on such costs as maintaining and operating the cloud environment, training staff on cloud procedures, migrating data and applications from the local sources to the cloud, and following regulations around cloud use.
- Better performance. A good application isn’t good if it doesn’t perform well in its environment — and some applications don’t do well in the cloud. They suffer from a lack of responsiveness and latency. Sometimes that’s because the network infrastructures aren’t compatible. An application might run well on or off the cloud, but stumble if it’s moved to the opposite environment.
- More flexibility. When you give all your applications and data to a single company, it can be inconvenient and difficult to withdraw that material later. That’s a potential problem when you’re faced with a price increase or other change in your provider’s terms of service.
A Hybrid ApproachThe decision of whether or not to keep your data and applications on the cloud doesn’t have to be all or nothing. You can choose to put material in the place that makes the most sense. For some financial institutions, that means cloud repatriating — the official term for reverting data that is already on the cloud back to on-premise centers. If you are looking to dial back your reliance on the cloud, some applications and data that may be better served on-premise and removed from the cloud could be:
- Real-time processing or mission-critical software. Both of these things require high responsiveness and low latency, so it makes sense to move it closer to users and where your organization has more control over system priorities and speed.
- Applications that can be improved in-house. A CFI has more control over hardware and software on its own premises. That can let them finetune applications for more reliable, responsive performance.
- Highly sensitive data. You might be better able to implement firewalls and intrusion detection systems in-house than on the cloud. If you have security concerns about your cloud provider, this should be some of the first data you move back to your institution’s full control.
- Any data cloud storage doesn’t meet the regulatory needs of. For instance, a new Data Privacy Act is currently being legislated, and if it passes, it will impact how consumer data is handled. A financial institution that can’t meet those needs in the cloud, or finds it too difficult or expensive, might be better served by migrating that data in-house to manage it.
By consciously putting the right data and applications in the right environments, CFIs can improve their cost structure, data security, and business flexibility. It’s part of the continuing process of optimizing IT.
