INFORMATION SYSTEMS MANAGEMENT

Case Study on
FINTECH: Choosing a Cloud Service Provider
 Fintech Overview
2

 Founded in 1991

 Based in Tampa, Florida

 Privately Owned Company

 Process electronic payments and report relevant data to U.S wholesale

distributors and retailors of alcoholic beverages
Electronic Fund Transfer Payment System (EFTPS) Process
3

 Wholesaler deliver alcohol to retailer

 (Using EFTPS) Wholesaler creates and delivers invoice to retailer

 Retailer receives invoice and authorizes payment

 Fintech withdraws funds from retailer account and electronically transfers

payment to wholesaler within the required time period. If there are insufficient
funds into the retailer account, Fintech pays the amount due to the wholesaler
(and retailer subsequently pays Fintech)

 Wholesalers reports this Sales of Alcohol to retailer by required date

 Cloud Overview
4
 Cloud technology : core disruptor of digital age because of its interaction with rapidly
growing data and analytical landscape
 A model for enabling ubiquitous, convenient, on--demand network access to a shared pool of
configurable computing resources that can be rapidly provisioned and released with minimal
management effort or service provider interaction
 From a managerial perspective, a key attraction of cloud computing was that an organization
could rent a cloud service instead of making heavy up—front investments in computers and
software.
 A cloud service was seen as a utility
 Cloud computing also transferred the work associated with updating infrastructure and
ensuring high reliability to providers who were able to capitalize on their extensive experience
and scale
 Major challenge was security as more and more businesses adopted the cloud. Big share of
confidential data and apps are put in the cloud by users and security challenges (DDoS or
other cyberattacks), data loss, and Potential outages can increase
 User Interaction with Cloud Computing Services
SaaS: Software as a service
 Applications such as Dropbox, Gmail, Skype,
Twitter, and YouTube
 In SaaS, a customer only needed a standard
Internet browser and user credentials
 SaaS providers developed and managed the
software that they delivered online
 SaaS providers used a “multi—tenant”
architecture designed to serve many clients
 Many SaaS products worked equally well via
desktop or laptop computers, tablets or smart
phones.
PaaS: Platform as a service
 A Platform as a Service (PaaS) provider, such as
Amazon, owned and operated server farms/data
centers
 provided useful tools —— such as automatically—
updated operating systems, development tools and
middleware
 PaaS provider would manage and deliver both the
infrastructure and behind—the—scenes software
5
ASP: Application Service Provider
 When working with an ASP a customer
needed to download some client software to
their machine before it was possible to work
with that software online.
 ASPs managed and hosted third—party
software
 A separate instance of an application was
Cloud dedicated to each particular corporate
customer
Computin
g Services
IaaS: Infrastructure as a service
 An infrastructure—as—a—Service (laaS)
provider owned and operated the server
farms/data centers, but its clients’ IT staff
would choose, install, and maintain their
own middleware, developer tools and so on.
 Security Concerns with Cloud
6

 Data breaches, Compromised credentials and broken authentication, Hacked interfaces and
APl’s, Exploited systems vulnerabilities, Account hijacking, Malicious insiders, APT
(Advanced Persistent Threats) “parasite”, Permanent data loss, Inadequate diligence, Cloud
service abuses, DOS (Denial of Service) attacks, Shared technology and shared dangers

 Most relevant to cloud were APTs as they infiltrate systems to establish a foothold, then
stealthily exfiltrate data and intellectual property over an extended Period of time

 Second, Cloud service Providers share infrastructure, Platforms, and applications, and if a
vulnerability arises in any of these layers, it affects everyone
 Security Threats

Data Hacked Account

Breaches Interfaces Hijacking

Exploited
Broken Malicious
System
Authentication Insiders
vulnerabilities
 Security Threats
8

Advanced
Persistent Inadequate Denial of
Threats Intelligence Services

Shared
Cloud Technology,
Permanent Service
Data Loss Shared
Abuses Dangers
 What each CSP Offers
9

Amazon Web Services Google Cloud Platform Microsoft Azure

• Cloud Security • Information Security • Design and

• Professional Services Team Operational Security
• Penetration Testing • Data Centre Physical • Security Development
• Vulnerability Reporting Security Lifecycle
• Security Bulletins • Server and Software • Encryption
• Compliance Partners Stack Security • Identity and Access
• Data Access and Management
Disposal
 Role of Cloud in Fintech’s business
Benefits of Using Cloud:
 Scalability
 Unlimited Storage Space
 Backup & recovery
 Cost Effectiveness
 Device Diversity
 Faster Deployment
 Agility
10
 Currently EFTPS handles the
payment transactions
 Further increase in daily transactions
meant increase in Data Volume
- Cloud could be one cost effective
solution for this scalability
Fintech’s Cloud Initiative:
 Entire EFTPS systems will not be moved to the cloud
 Copy of data generated by EFTPS will be uploaded to cloud
 This would be a good start for implementing cloud and to know the
pros and cons of the system
 Fintech Architecture and Cloud Incorporation
11
Fintech staff use Data
Warehouse for Data
Fintech EFTPS Analysis & Reporting
Transaction Database

Uploading to
Cloud Cloud solution
stages and
processes data
Data
Extraction
Fintech Local Data
Warehouse

Fintech Clients
securely access
data in cloud

Fintech EFTPS collects daily

Invoice transactions
 Use Case for guiding Provider Evaluation
12

EXTRACT LOAD, STAGE, PROCESS RELEASE

 Daily transactions  Client specific data is  Processed data

recorded in EFTPS loaded into the Cloud released to clients
database solution  Access to data
 Extracted data copied  Required staging of subject to
to Oracle Data the data happens  Security
Warehouse  Further processing of  User Access
 This also contains the data takes place
relevant Master Data  Any custom
programing of the
data
 Transforming into
compatible format
 Evaluation of Cloud Providers
13
Training:
1 Evaluation of training services that each cloud provider offers & if local trainers are available

System Administration Support:

2 Fintech IT staff to maintain the cloud – Evaluating providers to ensure this capability

Customer Support:
3 Evaluation of provider based on the levels of Customer Support they offer

Data & System Availability:

4 Evaluation of cloud provider based on
 Ease of access to data
 High system availability – Up Time

5 Security:
Cloud provider to be evaluated on their capability to control and provision data

6 Programmability:
Fintech would apply proprietary algorithm to data
 Evaluation of cloud application based on their ability to adhere to specifications
Options at Hand
14
 15

Visual Studio and SQL Server Data

Tools to be used to create SQL Server
Integration Services Packages
(SSIS Packages)
 Amazon Web Services
16
 SSIS is used with a third party tool to
load data into Amazon Simple Storage
Service (Amazon S3) for staging
 A third party tool is used again to
extract data from AWS S3, load and
process into AWS Relational Database
 Data access on AWS is controlled via
secure AWS JDBC or ODBC connection
by the client using AWS User and Host
Amazon Web Services features
17

 Expansion of database instance to

16 virtual CPUs
 Instances are organized as nodes
allowing easy expansion or
contraction of configuration
 Inclusion of third party tools to
load test data into AWS,
integrating well with the current
systems
 Offers lower support cost than
Google and Microsoft despite
having similar support
Prominent Companies Using AWS
18
 Google Cloud Platform
19

 SISS used with MySQL ODBC

Driver to load, stage and process
data into Google Cloud SQL
Relational Database
 Data accessed on Google Cloud
SQL via secure My SQL JDBC or
ODBC connection by the client
using Google User and Host
access controls
 Google Cloud Platform features
20

 Increased database instance to 16

virtual CPUs to meet computing
and storage requirements
 Lower cost than Microsoft Azure,
competitive with AWS
 Database configuration flexible
and easy to customize
 Extremely flexible pricing, offer
discounts as the number of
customers using the service
increases
Prominent Companies Using Google Cloud Platform
21
 Microsoft Azure
22

 SSIS with MS ODBC

Driver to be used to
store, load and
process data into MS
Azure SQL
 Data accessed via
secure MS ODBC
connection by the
client using MS Azure
User and Host access
controls
 Microsoft Azure features
23

 Can be used to mitigate data for many existing applications to the cloud
 Less expensive than the current on-premise licensing cost for Microsoft SQL Server
 Cheaper in terms of application re-development cost
 In-memory database used to execute fast computations, done by optimizing data
representations stored in active memory and a copy stored on the hard-disk
 Improves the performance of the proprietary algorithms
Prominent Companies Using Microsoft Azure
24
 Comparative Analysis
25

Step 1 Use Case was the same for each cloud services provider
Step 2 Use SSIS with MS OBDC
Driver to load, stage, and
process data into MS
Azure SQL
Step 3 Client, using MS Azure User
and Host access controls,
accesses data via secure
MS ODBC connection
Use SSIS with MySQL ODBC Use SSIS with third party tool
Driver to load, stage, and to load data into AWS S3
process data into Google for staging & use third party
Cloud SQL Relational tool to extract data from
Database AWS S3 and load and
process into AWS Relational
Database or Data
Warehouse.
Client, using Google User Client, using AWS User and
and Host access controls, Host access controls
accesses data on Google accesses data on AWS via
Cloud SQL via secure a secure AWS JDBC or
MySQL JDBC or ODBC ODBC connection
connection
 Key Observations
 Use its SQL database to migrate data
for many existing applications
 Less expensive than current system
 Might be cheaper in terms of
application re-development cost
 In-memory database, which executes
computations really fast
 More expensive than Amazon and
Google
 Difficult to customize the configuration
in Premium Tier
 Computing performance calculation
based on DTUs confusing
 Cost lower than Azure, similar to AWS
 Database instance configuration was
flexible and easy to customize
 Flexible Pricing
 Volume Discount
 Increase the Google Cloud SQL
database instance to 16 virtual CPUs to
meet requirements
 Cannot accurately calculate long term
cost savings until it is actually learnt
how customers use this service
26
 Offers Redshift, a database which is
specialized for data warehousing
 Instances are organized as nodes,
which allows to easily expand or
contract the configuration
 Third party tool integrated nicely with
existing extraction packages
 Lower support cost than Google and
Microsoft
 Have to expand the database instance
to 16 virtual CPUs
 Had to purchase a third party tool to
load test data into AWS
 27

THANK YOU!