WIXLIB

Accelerating ApplicationMigration to the CloudNTT DATA welcomed Dell Servicesinto the family in 2016. Together,we offer one of the industry’s mostcomprehensive services portfoliosdesigned to modernize business andtechnology to deliver the outcomesthat matter most to our clients.About NTT DATAIntroductionNTT DATA is a leading business and ITservices provider and global innovationpartner with 100,000 professionals basedin more than 50 countries. NTT DATAemphasizes long-term commitment andcombines global reach and local intimacyto provide premier professional services,including consulting, digital, managedservices, and industry solutions. We’repart of NTT Group, one of the world’slarger technology services companies,generating more than 100 billion inannual revenues and partner to 85% ofthe Fortune 100.Increasingly, banks and financial institutions are taking a business-first approachto digital transformation and adopting cloud-based computing to achieve greaterbusiness agility and competitive differentiation in the market. Banks need to choose theright cloud strategy and application migration approach to realize the real benefits ofcloud. Banks also need to overcome challenges in addressing security and complianceto regulations such as Federal Information Security Management Act (FISMA) andPayment Card Industry Data Security Standard (PCI DSS).This paper provides quick insights into how banks are adopting cloud, approachesfor migrating applications to the cloud, and solutions for addressing challenges withsecurity and regulatory compliance, and getting started with the cloud journey. It alsoexplores a detailed case study where NTT DATA helped a major global bank adoptcloud for achieving greater business benefits while ensuring security, privacy, residencyof data and compliance to regulations.

Cloud adoption trends in banking,investment and financial servicesMajor global banks are increasing theircloud investments and shifting enterpriseworkloads to both public and privatecloud. In fact, a recent RightScalesurvey found that private cloud adoptionincreased from 63% to 77%, drivinghybrid cloud adoption up from 58% to71% year over year.Cloud-native andcloud-enabledcontinuous delivery71%hybrid cloudShifting PrivateTo HybridPrivate cloud adoptionincreased from 63% to77%, driving hybrid cloudadoption up from 58% to71% year over year.1New low-codeplatforms deliver atdigital clock speedBanks, and insuranceand financial servicesorganizations are usinginnovative low-codeplatforms to quickly buildmulti-channel customerfacing cloud applications.22Banks, and insuranceand financial servicesorganizations are usinginnovative low-codeplatforms to quickly buildmulti-channel customerfacing cloud applications.211%Banks adopt public cloud in many areas,which include but are not limited to: Collaboration: Connectingemployees across branches toaccess banking systems Development and testing: Enablingbanks’ development and testingteams to quickly and easily createvirtual environments, which increasesagility Analytics: Integrating customer dataacross banking platforms to enablenear-real-time insights Business intelligence on demandMajor global banks follow a hybridapproach due to security, privacy andregulatory concerns. Public cloudbased services are leveraged fornon-critical functions such as emailmanagement, collaboration and contentmanagement. Enterprises adoptexternally hosted, private cloud-basedservices for application development,test environments and processing andanalytics.shift of IT budget fromtraditional in-house ITdelivery toward cloudcomputing as a new deliverymodel by 2016.60%of new applications will usecloud-native applicationarchitecture to enable fasterinnovation and agility by 2017.35%of new applications will usecloud-based continuousdelivery by 2018.31.“2016 State of the Cloud Report.”RightScale. January 2016.2.“The Forrester Wave: Low-CodeDevelopment Platforms, Q2 2016.”Forrester and OutSystems.3.“IDC FutureScapes 2015.”

Cloud application migration approachTypically, organizations who want tomove to cloud need to have a cloudstrategy in terms of choosing the rightcloud models and cloud service providers(CSPs) based on their business and ITstrategy. Organizations also need tohave an application migration strategyto choose the right migration paths andoptions for their applications basedon their goals, priorities, risks, returnon investment, technology, platformand tools. Some applications can bedeployed in the cloud using re-host orlift-shift strategies while others need tobe optimized for cloud to realize the realbenefits.This approach is based on an applicationportfolio analysis where existingapplications are analyzed for complexity,dependency on external applications,design elements and user interfaces.Redundant applications are groupedbased on their functionalities, so theycan be optimized to reduce the numberof applications on the target cloudplatform during the migration phase.Figure 3 depicts our framework for cloudreadiness assessment.The decision to choose the right cloudstrategy and application migrationstrategy is primarily based on anorganization’s existing application andinfrastructure portfolios. This meansthe cloud application migration journeybegins with the assessment phase.While there are different approaches formigrating applications to the cloud, NTTDATA suggest an incremental and phasedapproach. Figure 2 depicts one of thesuggested approaches for migratingapplications to the cloud.TechnologyApplicationstechnology stackStrategy and assessmentTimeline and effortPhase 0PilotApplicationsCloud suitability filtersCloud amenability analysisApplication target cloud amenabilityindex with heat mapCloud migration business caseROI and TCO cost-benefit analysisIntegrationApplication external/internal integrationMigration roadmapWave-based migration plansInfrastructureApplication infrastructurecapacity /sizingSoftware-as-a-service (SaaS)enablementSaaS amenability reportPortfolioassessmentAzure MAP tools Figure 3: NTT DATA cloud readinessassessment frameworkTransformation, automation, implementation and managementPhase 1Non-criticalapplicationsPhase 2Business-criticalapplicationsPhase 3Survival-criticalapplications Assess cloud amenability Define the cloud strategy Determine cost benefits,technical feasibility and risks Define governance model Build pilot Migrate dev/test environments Lift and shift non-criticalapplications to public cloud Move third-party andreference data to public cloud Build continuous integrationpipeline Lift and shift/lift, optimize andshift business-criticalapplications Move transactional andaccount data Modernize legacy applicationsfor cloud Build continuous developmentpipeline Modernize legacyapplications for cloud Lift and shift/lift, optimizeand shift survival-critical andcustomer-orientedapplications Integrate applicationperformance management Cloud maturity3AssessmentrulesFigure 2: Cloud application migrationapproach and roadmap

Addressing security and regulatorycompliancesAn assessment of cloud readiness is performed based on workload patterns, resultingin a cloud amenability map that lists various groups of applications and their risks.Figure 4 depicts the classification of sample applications and business processes forinvestment banking.Non-critical applicationsPublic cloudTrademanagement(front office )MiddleofficeClearing(backoffice) C lient/partner/trading portals P re/post- trade analytics I T trade support R eference datamanagementRegulatory r eportingCommon businessprocessesEmail, employeecollaboration toolsData managementservicesMarket reference data,Securities reference dataBusiness-critical applicationsHybrid cloudSurvival-critical applicationsPrivate on-premises cloud C ustomer service C ustomer acquisition P ricing and structuring T rade capture andenrichment C lient onboardingDeal confirmation R isk analysis P ost-trade compliance R D S Cegulatory reportingepository and investor servicesecurities lendingollateral managementCRM, AML, SOX risksmanagement I nvestment/fundaccounting I ncome and dividendprocessingRisk monitoring andreportingProduct data, pricing data,trade data, advisory dataFigure 4: Sample applications/business process classification for investment banking —actual classification may vary depending on assessment of an organization’s applications andbusiness processesBased on the assessment results, the deployment architecture is designed and amigration plan (for existing applications) and execution plan are created. One or moreof the following application migration options are chosen based on the outcome of theassessment: Re-host or lift-shift: Redeployment of existing applications on cloud infrastructurechanging an application’s code and infrastructure configuration Refactor or optimize: Change of application code and configurations for opensource and deployment of refactored applications on cloud infrastructure Re-architect: Breaking up monolithic application functions into modular servicesbased on distributed and modern architectures such as microservices architecture Rewrite: Rewrite existing applications leveraging cloud-native platforms such asPivotal Cloud Foundry for accelerated delivery Replace: Replace existing applications with commercial SaaS to satisfy thebusiness requirements4CPSs, such as Amazon Web Services(AWS) and Microsoft Azure, offer out-ofthe-box cloud services that can be usedoff the shelf by banks. This helps themovercome challenges with security andregulatory compliance such as: Compliance with regulatorystandards: CSPs assure compliancethrough various certifications.For instance, Azure and AWS arecompliant with FISMA Moderatestandards and with PCI DSS. WithPCI DSS, AWS complies with a setof controls important to companiesthat handle credit card information.With the FISMA standards, AWScomplies with a wide range ofspecific controls required by U.S.government agencies. Data security and residency: Useencryption and tokenization servicesprovided by CSPs for securing dataat transit and at rest depending onthe requirements. For data residencyrequirements, a tokenizationmechanism can be used to replacesensitive fields with randomlygenerated tokens that are structurallysimilar, but have no mathematicalcorrelation to the original data.The encryption and tokenizationmethods, keys and tokens can besecurely stored on-premises andcontrolled by banks. Auditing and logging: Banks cankeep a signed audit trail of whichusers performed what actionsleveraging audit trail servicesprovided by leading CSPs. Bankscan implement sign-in certificationand encryption mechanisms for thelog files to be stored in the cloud.They can also implement robustaudit logging and best practicesto quickly detect unauthorizedaccess to services, resources andapplications in cloud.