As we see those mechanisms become richer and more
robust, we will go through and be deploying that approach
to any and all of our resources — even being embedded at
the edge within a point of sale (POS) device.
As we examine the different requirements from govern-
ment regulations, it really comes down to managing per-
sonally identifiable information.
So if you can secure the transaction information, by
abstracting out all the other stuff and doing some interest-
ing cryptography that only those governments know about,
the [transaction] flow will still go through [the cloud] but
the data will still be there, at the edge, and on the device or
appliance.
We already provide for detection and other value-added
services for the assurance of the banks, all the way down to
the consumers, to protect them. As we start going through
and seeing globalization — but also the regionalization due
to regulation — it will be interesting to uncover fraudulent
activity. We already have unique insights into that.
Gardner: It seems to me that International Real-Time Pay-
ments could be a bellwether use case for such global hybrid
cloud adoption. What then are the check boxes you need to
sign off on in order to be able to use cloud to solve your
problems?
Pelizzoli: I can’t give you all the criteria, but the persistence
layer needs to be highly encrypted. The transports need to
be highly encrypted. Every time anything is persisted, it has
to go through a regulatory set of checks, just to make sure
that it’s allowed to do what it’s being asked to do. We need
a lot of cleanliness in the way metrics are captured so that
you can’t use a metric to get back to a person.
If nothing else, we have learned a lot from the recent [data
intrusion] announcements by Facebook, Marriott and Equi-
fax. The data is quite prevalent out there. And payments
data, just like your hospital data, is the most personal.
As we start figuring out the nuances of regulation around
an individual service, it must be externalized. We have to be
able to literally inject solutions to regulatory requirements
— and not by coding it. We can’t be creating any payments
that are ambiguous.
16 | THE DOPPLER |
WINTER 2019
That’s why we are starting to see a lot of effort going into
how artificial intelligence (AI) can help. AI could check ser-
vices and configurations to test for every possibility, so that
there isn’t a “hole” that somebody can go through with a
certain amount of credentials.
As we go forward, those are the types of things that -- when
we are in a public cloud -- we need to account for. When we
were all internal, we had a lot of perimeter defenses. The
new perimeter becomes more nebulous in a public cloud.
You can create virtual private clouds, but you need to be
very wary that you are expanding time factors or latency.
Gardner: Robert, it sounds like major financial applications,
like a global real-time payment solution, are getting from
the cloud what startups and cloud-native organizations
have taken for granted. We’re now able to take the benefits
of cloud to some of the most extreme and complex use
cases.
Christiansen: That’s a really good observation, Dana. A
healthcare organization could use the same technologies to
leverage an industrial-strength transaction platform that
allows them to deliver healthcare solutions globally. And
they could deem it as a future proof infrastructure
solution.
One of the big advantages of the public cloud has been the
isolation of all those things that many central IT teams have
had to do day in and day out. That is to patch releases,
upgrade processes, constantly looking at the refresh. They
call it painting the Golden Gate Bridge — where once you
finish painting the bridge, you have to go back and do it all
over again. And a lot of that effort and money goes into that
refresh process.
And so they are asking themselves, “Hey, how can we take
our three or four billion dollar IT spend, and take x amount
of that and begin applying it toward innovation?”
And if someone can take a piece out of that equation, all
things are eligible. Everyone is asking the same question,
“How do I compete globally in a way that allows me to build
the agility transformation into my organization?” Right now
there is so much rigidity, but the balance against what