Chicago bank finds public cloud ready for prime time
Just a few years ago it would have been rare to see financial institutions operating in the public IaaS cloud, but recently there have been more examples. Last year at Amazon’s re:Invent conference Capital One’s CIO Rob Alexander described how the bank is using Amazon’s cloud to host some of the company’s newest applications. Capital One and the FHLB of Chicago show that even the most risk-averse organizations are beginning to embrace public cloud computing.
+MORE AT NETWORK WORLD: How a giant like GE found a home in the cloud | JP Morgan: ‘Monumental’ Shift of workloads going to the cloud +
It’s important to take the FHLB of Chicago’s use of the cloud with a grain of salt though: Federal Home Loan Banks are not traditional commercial banks with checking and savings accounts for consumers; they’re subject to different regulations compared to organizations like Bank of America and Capital One. FHLBs comply with the same rules that govern organizations like Freddie Mac and Fannie Mae instead. Because of those different regulations the FHLB of Chicago may be more amendable to using cloud services.
There was another key precursor to the bank’s migration to the cloud. Six years ago the Chicago bank migrated from an on-premises data center to a managed hosting provider. From 2010 to 2015 the bank operated its IT operations in a partner platform, but it still managed much of the infrastructure that underlies the bank’s operations.
In 2011 Gieger from the FHLB of Chicago began testing Amazon’s cloud for high performance computing applications that needed larger scale compute resources than what FHLB had access to.
“We found Amazon ran just as well as our on-premises infrastructure and the cost was dramatically cheaper,” he said. FHLB of Chicago’s use of the cloud turned into a trickle: disaster recovery moved to the cloud, then new apps that were built lived in the cloud. Over the next couple of years Geiger focused on getting the compliance, auditors and regulators on board. By 2014 FHLB of Chicago began a mass migration to the cloud – with the help of consultants Accenture and Avande. By April 2015 most all of the bank’s IT functions were in AWS.
The bank’s enterprise resource planning (ERP) system, human resources system and core IT apps all run in AWS. Homegrown customized apps have been developed and run out of the cloud. Most of it runs on about 1,000 instances of AWS’s basic services: Amazon Elastic Compute Cloud (EC2), Amazon Simple Storage Service (S3) and Amazon Elastic Block Storage (EBS). FHLB of Chicago uses other third-party tools too, such as Tableau for business intelligence.
Geiger says from an application architecture perspective, there were some bumps in the road migrating to the cloud, but overall it was fairly smooth. One challenge is that there are some AWS specific services that don’t have an on-premises equivalent, such as Amazon Virtual Private Cloud design (these are logically isolated virtual machines in the IaaS). So, some apps had to be designed to use that architecture. Running in the cloud simplified other services though. AWS has built-in log monitoring, so the bank can easily get a dashboard view of all activity happening in their account, which helped streamline compliance and audits.
The bank’s 100 person IT staff, including the 50 infrastructure operations professionals, hasn’t changed much either since the migration. Former VMware system admins are now managing cloud-based systems; the Windows teams are still managed Windows licenses. The only thing that’s changed is where the infrastructure is hosted, Geiger says.
So could any financial institution go to the cloud Some financial services tech executives are in no rush. Bank of America is in the midst of an IT transformation but its CTO says the bank hasn’t yet found an economic reason to move to the public cloud. Geiger says the cloud can fit just about any workload, even those from financial services firms. “I certainly believe they can,” Geiger says about banks going to the cloud. “The security infrastructure that exists around Amazon is very strong,” he says.
“I just simply don’t believe that a traditional data center hosted somewhere in Chicago is going to be more secure than Amazon.” Geiger says he’s already seen certain banks, especially smaller and larger ones outside of the U.S. make the switch to the cloud, and he expects the trend will only increase.