Yesterday we had one of the largest AWS User Group meetups ever in the UK at Investec, and was quite epic to be honest. We had drones, flashing hoodies and lots of interesting stuff to hear. One of those talks was from Investec (venue sponsors) and they walked us through their AWS experience.
I do agree with their challenges, mostly around regulatory pressures, yet the focus should be about applications (optimize) and not just infrastructure (lift and shift). Also, having new competitors and the digital growth is quite appealing for a change.
Then they talked about their journey into AWS and what they did. Funny to see they mentioned on the slide before, to focus on applications and not infrastructure, because that was their mistake in the beginning (and everyones) – focus on EC2, VPC, S3, etc… That’s infrastructure, not apps. Storage is also a big plus when moving to a cloud service, while doing MVP’s/PoC’s always helps people to be on the same page and experimenting different things to see if it works. As a bank they first moved a few services (nothing major), but was interesting to see a branch office pilot being done.
Finally their learning lessons: Infosec should be part of the whole process since the beginning, multitenancy is still a problem for some, encryption as well, network segregation and capacity planning for vpc’s should be taken into account. AWS should really streamline the vulnerability scanning process, at least for these regulated customers that need to do that on a regular basis.
Most of Investec cloud challenges come from a mentality and process change, whilst dealing with all regulatory and security workflows and requirements. It’s good to see them experimenting new stuff on the cloud and I think we’re going to see a lot of other banks adopting the same approach in the near future. I do believe that for banks to achieve this, they should go into ‘startup mode’ – but that’s for another different post 🙂