In an exclusive interview with Express Computer, Abhijit Chakravarty, SVP, Core Networks & Security Operations, HDFC Bank, provides comprehensive insights into the driving forces behind the emergence of Infrastructure-as-a-Service (IaaS) in the financial industry. From market trends shaping IaaS adoption to the evolving role of OEMs and security challenges, Chakravarty navigates the dynamic landscape, offering valuable perspectives. Learn from HDFC Bank’s experience in transitioning to IaaS, understand the lessons for other financial institutions, and discover the innovations on the horizon that will shape the future of banking infrastructure in the era of cloud technology.
What key market trends are driving the emergence of infrastructure-as-a-service (IaaS) in the financial industry?
The major trends driving adoption of Infrastructure as a Service (IaaS) are optimum utilisation of computing resources, increasing digitalisation, increasing demand for disaster recovery (DR), storage, and virtualisation, amongst other factors.
Migration to the cloud and modernising applications and infrastructure is one of the major reasons that enterprises are adopting IaaS.
IaaS provides great flexibility to organisations that don’t want to spend time or other resources buying, storing, setting up, or maintaining the necessary equipment. Instead, they access ready-to-use infrastructure and pay as per usage.
How do you foresee the role of original equipment manufacturers (OEMs) evolving in the IaaS landscape, and what strategies should they adopt to stay relevant in this changing market?
The market for expensive and specialised hardware has begun to be challenged, and everything is now being offered through virtualised functions driven by software. From networks, firewalls, load balancers, servers, storage, etc., everything is now available as a service via the virtualisation of infrastructure and OEMs are working to innovate and find new ways to work together, personalise products and set themselves apart in the cloud ecosystem.
OEMs are working with CSPs (cloud service providers) to provide IaaS services and customising their products and services accordingly.
Security is a paramount concern in banking. Could you share insights on the security challenges and solutions related to adopting IaaS while maintaining the highest level of data protection?
The security of information and data, including configurations, continues to be largely the responsibility of the customer. The common cloud security failures are broadly misconfigurations, access control, threat monitoring and detection, and audits.
The customer will have to define and own the security posture of the environment in IaaS, including all the components under the broad classification of infrastructure security, identity security, data security, and business security.
In a nutshell, the complete GRC (government, regulation, and compliance) will continue to be the customer’s responsibility and ownership.
As Senior Vice President of Core Networks & Security Operations, how has your bank navigated the transition to IaaS, and what lessons can other financial institutions learn from your experience?
The common cloud migration approaches and strategies are: rehosting, redeployment, repackaging, refactoring, repurchasing, retaining, and retaining (commonly referred to as the 7 R’s). There is no straight formula or silver bullet that can be prescribed. However, a few basic steps or approaches to consider are:
-
- Identify what is to be migrated.
- Very clearly articulate why the migration is being done (objectives) and the RoI (return on investment)—are you trying to solve a problem or create a new solution?
- Work on the solution design of the workload to be migrated.
- Check for compatibility of cloud native infrastructure resources for your specific application.
- Identify a CSP (cloud service provider) that meets your requirements for technology and services.
- Check on the components of visibility, security, and controls.
- Deploy, operate, and optimise.
With the rapid advancements in cloud technology and IaaS, what innovations or developments are on the horizon that will further shape the future of infrastructure in the banking sector, and how will banks stay ahead in this dynamic landscape?
The major developments and innovations are in payments, lending, and digital banking. Innovative products and services using the SST (simplicity, speed, and trust/security) framework to deliver the ultimate and personalised customer experience are the driving force behind adopting new technologies like IaaS, which helps the bank with agile and robust go-to-market (GTM) strategies and have a first-movers advantage in this ever-competitive market.
DevOps, DevSecOps, Serverless, Low Code No Code (LCNC), Blockchain, High Performance Compute (HPC), AI & ML, etc. are the few top-of-mind recalls on the technological advancements and evolutions that banks will have to embrace soon to stay competitive in the market, and it is almost impossible for any enterprise to host all these in their captive DCs or collocated spaces, and I foresee that enterprises will lean onto IaaS providers for such.