Regulatory Tug-Of-War And The Rise Of The Hybrid Cloud

By Malcolm Ross, VP of Product, Appian

The tug-of-war between regulatory compliance and operational efficiency is causing companies to turn to the “hybrid cloud” for their business applications. Companies want the benefits of the cloud but need to control confidential customer data. This is particularly true in the financial sector, where security regulations often require that sensitive customer data remain in a company’s local country.

The hybrid cloud is a cloud computing environment that works with a range of on-premises infrastructure and even other public cloud services. There’s orchestration among platforms to make sure workloads can be moved among the hybrid components. The hybrid cloud offers the cloud advantages of operational flexibility and lower-cost deployment while also adhering to data protection and other regulatory requirements. In a nutshell, companies are embracing the hybrid cloud because it strikes the ideal balance.

No one can deny that the cloud speeds organizations’ delivery times with on-demand access to applications and application improvements, all with lower operational expenses. Without the capital expense of building infrastructure, costs are redirected to time and materials expenses at a fraction of what an on-premise system or private cloud would cost.

The business challenge with a cloud-only solution — especially in the financial industry — is that national regulatory environments here and abroad require the absolute security of client information. Say, for example, that regulatory compliance guidelines in a particular country call for information about citizens to remain exclusively within the country. Unfortunately, the cloud service my company wants to use is based in another country.

How can my company gain the efficiencies of a software stack located outside the country while still satisfying local privacy requirements? The hybrid cloud allows a best-of-breed architecture for different parts of the business solution.

Constant changes in compliance regulations are another reason companies are moving to the hybrid cloud. If my company chooses an architecture that’s primarily cloud, and my country passes some new law prohibiting doing business in a particular country, the massive investment I’ve made in the cloud will have to be re-architected to comply with that new regulation. Again, the hybrid cloud seems to be the answer.

As part of a hybrid solution, consider the example of a business process management (BPM) cloud. Cloud BPM allows orchestration among networks – what to do next, whom to notify, and the status of processes. The company still retains the personally identifiable information of individual account holders.

With a Cloud BPM in the hybrid architecture, a company can provide account services in the cloud, but they’re controlling the data inside their own firewall. Account information always resides in the company’s own architecture, ensuring compliance with data privacy regulations. The hybrid cloud offers a risk hedge to keep control of data while still leveraging the benefits of cloud architectures.

The future of this technology depends on the regulatory requirements of particular countries, and how they change over time. They’re the ones that are really forcing companies to have tighter control. There are over 190 countries in the world, each one passing its own laws and regulatory requirements.

You have to choose the solution that makes the most financial sense, which for many looks like the cloud. At the same time, you have to be prepared with physical architectures that comply with whatever regulatory changes may come down the pike. These competing pressures are the strongest argument for using the hybrid cloud in your business.

Malcolm Ross is Vice President of Product Marketing at Appian. Malcolm has been directly involved in the implementation and development of enterprise BPM solutions for over 10 years with a variety of BPM platforms. Prior to his involvement with BPM technologies, Malcolm worked for leading B2B and B2C ecommerce software providers and led numerous technology consulting engagements at Fortune 100 corporations. Malcolm received his BS degree in Computer Science with a minor in Actuarial Mathematics from Florida State University.