Virtualization technology provides platform for digital transformation with comprehensive software-defined approach that spans public and private clouds with unified device management which has security as the linchpin.
By Ramesh Vantipalli
It is rare to find a bank these days without a mobile app or two of its own. Beyond apps, it’s also common to find it in open digital dialogues with its customers. Widespread connectivity and digital explosion are bringing banks and other financial institutions literally to their customer doorsteps. They are where the customers are as their physical footprint continues to shrink. Along with the forays being made in digital economy, there is a countrywide push for financial inclusion. A visible impact of these initiatives is large scale expansion of Automated Teller Machine (ATM) networks into remote corners of India.
Security of the distributed touch points of the banks like ATMs assumes critical significance as are the ways to manage them, keep them logged in and be able to receive updates over the wire. Banks need to have an iron grip on the computers powering the ATMs so that no unauthorized access is ever permitted other than what is required for an ATM to function.
Financial institutions are also leveraging the digital transformation to open up new lines of business while offering their customers many simple, engaging and productive experiences that will help retain them as market offers many choices with the recent introduction of payment and microfinance banks besides several Non-Banking Financial Corporation (NBFC) alternatives.
Hence, the benefits of a large scale business transformation are two-fold: higher accessibility, stronger security and better experience for end customers; and, opportunities for business growth, higher uptime, better compliance, lower costs and easier endpoint management for banks.
To enable this transformation, a comprehensive security platform instead of an ad hoc point solution is essential. Any gap in security implementation can leave a huge adverse impact on the institution’s credibility, rating and the ability to launch new services in future. Thus, the strategy for banks will only fructify when the farthest and most remote end point is fully, reliably, effectively and securely managed with ease. Deep and distributed network of financial services can ironically become its USP and weakest link at the same time.
Virtualization technology provides such a platform with comprehensive software-defined approach that spans public and private clouds with unified device management which has security as the linchpin. Virtualized platform can protect intellectual property and customer data with its intrinsic, highly granular and policy-driven security that is native to the application. Not being tied down to a physical resource at any particular location makes it possible for a new payments bank with an aggressive rural expansion plan for example, to deploy peer-to-peer technologies for pushing updates farther and faster in a more reliable and bandwidth-optimal manner.
There are additional factors on the horizon to consider like European Union’s (EU) General Data Protection Regulation (GDPR) whose impact can be swift, silent and ruthless. Many such security mandates are already looming on the horizon as various nations lock down their ‘digital borders’ in their own way. For example, in the case of GDPR, banks needs to undertake a thorough analysis of products and services in order to assess, map, correct any potential security gaps and comply with it whether the organization is based in EU or not.
In order to proactively address such threats, multinational banks and financial institutions with international exposure for example, need to look into advanced security technologies beyond access control and encryption. Application level tunneling instead of device level tunneling technologies like traditional Virtual Private Network (VPN) stops malware from being able to use the device VPN route to the enterprise Data center. Security does not mean locking things down any more. It should instead be based on federated identity systems that allow seamless and friction-free access across the enterprise. Finally, micro-segmentation at the app level or even task level can be implemented which enables extremely granular security implementation.
Use of appropriate non capital-intensive technologies like Virtual Desktop Infrastructure (VDI) makes employee on-boarding and their access to training resources more structured and employee conduct and performance more compliant with various institutional and regulatory standards. Embedded security of virtualization technologies provides the firm ‘guard rails’ for the accelerated expansion strategies of banks across the country. When coupled with a robust Disaster Recovery (DR) strategy across Data Center (DC) and Cloud, high uptime/Always On infrastructure can be realized. The most important economic benefit is that all critical information systems become efficient and cost effective while all endpoints can be managed from a single console. This can free up the creativity and energy in these institutions leading to improved business models, more engaging user experiences and better employee morale overall.
In summary, I would say that banks and other financial institutions are at a crossroads between boutique banking and completely digital banking in this country where good models of both exist side-by-side. Virtualization by its very design enables both and makes it possible for the entire Information Technology (IT) platform to be instantiated as a service while providing attractive benefits of faster employee ramp, higher mobility and flexibility, better security compliance, simpler IT support and management, more personalized and engaging Ux with true 24×7 access. With extensive mobile banking services across the country being a reality, the dramatic benefits of scalability and efficiency provided by Virtualization and related technologies can no longer be ignored by banks and financial institutions if they want to stay ahead of their fierce competition.
The author is Director, End User Computing, Systems Engineering at VMware India.
