O365 Cloud adoption in banking sector – dream or a nightmare?
One would hope that activation of a cloud service in an enterprise environment with numerous technical experts would be as easy as activating your private subscription of your favorite public cloud. How foolish can you be?! At home it takes you just few minutes and a handful of clicks and you can enjoy the benefits of extreme mobility, security and always up-to-date cloud service instantly. Not to mention that in many cases you can get a decent functionality offer for free.
Why is it then, when dealing with cloud implementation in a banking sector that it becomes a lengthy, pricy and all over exhausting process? The cloud implementation can be split into 4 large phases:
A) PREPARATION
B) ACTIVATION
C) MIGRATION
D) USER ADOPTION
The activation itself is actually a piece of cake, almost comparable to the activation of your personal Dropbox, Google or Office 365 subscription. The disproportionate differences are in the lengthy phases of preparation, migration and user adoption.
In the preparatory phase you will deal with selecting the suitable cloud service, exhausting internal lobby work with key stakeholders, contractual preparations, never ending analysis of the service with respect to compliance and regulatory requirements, encryption methods, secure authentication mechanisms, integrations with on-premise identity and access management solutions, analyzing your network impacts, conducting risk analysis reflecting your risk appetite and many more. Once you have it all prepared, ready to be activated, the cloud solution evolves, provides a new subservice, component or integration which requires refresh of the analytical outcomes…
In the preparatory phase, one also needs to compile a team of experts who will be able to implement the solution, migrate data from legacy on-premise software and eventually also supporting the cloud solution in production.
In the migration phase you are forced to consider what type of data you will be uploading to the cloud. Having a consistent data classification and data handling policy becomes a must and a decision needs to be taken, what sensitivity levels you will allow to be uploaded to services providers’ data centers. That’s a serious paradigm shift for a traditional bank, which is used to have highest levels of security and compliancy in their datacenters and controlled by internal staff in a 24/7 mode. Letting this control go, requires having all desired aspects properly contractually covered and potentially seeking additional assurances such as Customer Compliance Program provided by Microsoft.
The user adoption phase is challenging for different reasons. If you underestimate the management of change aspects, the main headache for the internal cloud supporting organization is the dramatic increase of RFI incidents. Involvement of internal communication, HR and change management departments is highly advisable. Dedicated team consisting of these specialists will be of added value when teaching end-users how to use the new solutions in order to help them adopt a new way of working which will provide tools for their modern workplace.
Lukáš Cibulka
My previous assignments within KBC Group were in roles of IT Business Analyst involved in SAP, ServiceNow and Apptio implementations. As a Solution Architect I was responsible for the technical realization of the merger and acquisition of KBC ICT Czech Branch by the CSOB Bank.
The fact that I have been raised in Germany is reflected in my attention to detail and deadline orientation. Working in India for an American company on the other hand thought me how to be efficient in an (un)organized chaos :) Both features came quite handy when starting up a Global O365 Competence Center for 15+ European banks and insurance companies.
My formal education I acquired in Germany, Czech Republic and Austria in the fields of International Trade and Management of ICT projects.
Phone: +420 737 215 220
E-mail: