In our experience selling cloud-based realtime analytics solutions to hedge funds and other financial institutions, we’ve found a few cases where CTOs are reluctant to host any important applications in the cloud. Their concern, they say, is simple: security. In fact, we’ve run into CTOs with this opinion so regularly that we’ve had to create an alternate model where Cloudmetrx can be hosted internally. This setup has colocation benefits for shops where latency is a major factor, but also serves to assuage the security concerns of the paranoid CTO.
In reality, security is a fairly easy thing to deal with. Properly configured encryption mechanisms can make any cloud-based infrastructure as safe as anything running internally. In fact, the vast majority of financial market participants are already relying on encryption to transmit other sorts of sensitive information, unbeknownst to them. In essence, security-related concerns over cloud infrastructure are, well, bogus.
Superstorm Sandy ravaged New York City, plunging a vast share of the global financial markets into darkness and chaos. For days and in some cases weeks, operations were thrown into turmoil. Nevertheless, Cloudmetrx was live 24/7 during the entirety of hurricane — not a single minute of downtime.
How did we do it? Cloudmetrx was designed to be “fault-tolerant” — that is, it was designed so that parts of it can fail and the overall system will still continue to function normally. For example, for each specialized part of the Cloudmetrx computing infrastructure, we have our resources strategically scattered around disparate geographic locations, both internationally and domestically. Most importantly, our software is able to determine when a resource is failing and redistribute traffic elsewhere.
This notion of highly redundant, highly geographically dispersed infrastructure would be impossible outside the context of cloud computing. It is, indeed, one of the foremost benefits of cloud-based applications in financial markets.
And the proof is in the pudding. While the New York Stock Exchange was shut down and my clients were unable to get to work and trade, I was quietly sitting in the dark in my apartment watching my portfolio tick in real-time on my iPhone. Even without power, and with large pieces of the global financial system shutting down, I was still able to have 24/7 insight into the risk and performance profile of my portfolio.
My hope in writing this article is that CTOs who are currently wary of cloud infrastructure for security reasons open their eyes to the idea that encryption can make any information safe for transmission around the Internet. It is a technology without with our modern financial system simply could not run. And considering the complete, unequivocal reliability of modern encryption mechanisms, the disaster recovery benefits we described here certainly should suffice to win over even the most security-conscious CTO.