04:05 PM
Daniel Retzer
Daniel Retzer
Connect Directly

Donít Perform Surgery on Yourself: The Case for Managed IT Services

Instead of putting systems and solutions in the hands of experts who specialize solely in managing the security and integrity of IT assets, many financial services firms react to security incidents by insisting on total control.

Napoleon Bonaparte famously contributed the phrase, “If you want a thing done well, do it yourself.” But even Napoleon, a well-documented micro-manager, eventually met his limits in Russia and at Waterloo. We all have those moments of enlightenment or exasperation when we believe we have the skill and focus to achieve anything. But the reality is that if we tried to do something so completely foreign to our experience, the result would be every bit as bad for us as Russia was to Napoleon’s Grand Army. So the question remains: Why do so many financial services firms also think that they are IT services and security firms? 

Managed IT services have carried a number of labels over the years. From the outset, ASPs (application service providers) promised to alleviate the cost of running and maintaining infrastructure and software. The cloud, in addition to yielding a raft of acronyms ending with “aaS” (as-a-Service), promised a commercial model where infrastructure, software applications, and platforms were attainable on a utility basis. Each successive generation of managed IT service has offered more flexibility, more capability, and lower costs.

However, many firms have traditionally set a number of barriers to adoption. These barriers may include internal policies and processes. They arise from an attitude of caution, or an abundance of ignorance. Managed hosting and managed IT services firms must remain sensitive to these concerns and work with the industry to build trust and remove barriers. Financial services firms should be able to confidently deliver exceptional products and services to their clients while trusting that the systems and software running these services are safe. Banks and IT services firms are partners in this ecosystem, with each focusing on what it does best to the benefit of the client.

In this vastly interconnected and online world, it may seem natural that as the financial services industry evolves to address the complex needs of its clients, the systems and infrastructure comprise the engine of business. In other words: Information technology may, in certain contexts, be regarded as the embodiment of financial services.

This leads to a certain world view that the two disciplines are inseparable and therefore financial services firms must evolve to become technology firms in order to prosper. The complexity and effort required for providing software applications and services in any usable capacity begins to overshadow the core financial services business. And in order to stay current with the constantly evolving technology and security threat landscape, financial services firms may believe that they must become experts in managing and hosting their IT assets and the products that run on them. IT systems management and security becomes a distraction to their business.

This, of course, leads to a potential identity crisis in which firms end up straddling the line between being technology firms and being financial services firms. These firms generally believe that they cannot truly commit to trusting critical systems to an outside partner. Trust can be further eroded, through no fault of the service provider, by a continuous stream of security exploits, hacks, corporate vulnerabilities, and information theft.

This response defies logic, however. When faced with a critical operation or process, common sense dictates that trust is best placed in the hands of experts. Performing surgery on one’s self doesn’t alleviate the risk of a procedure going badly! Therefore, the adage, “if you want something done well, do it yourself,” carries only so far.

Instead of putting systems and solutions in the hands of experts who specialize solely in managing the security and integrity of IT assets, many financial services firms react to security incidents by insisting on total control. Therefore, the greatest barrier to managed IT services and managed hosting remains trust, despite the fact that managed IT service providers are logically the most qualified to address the threat landscape.

Despite some prevailing attitudes regarding security, some of the barriers to adoption have recently begun eroding. A combination of economic constraints, the constant onslaught of malware and miscreants, and an increasing adoption of cloud and hosted systems throughout a wide demographic of other industries have begun to build a convincing argument that managed services and the cloud can be trusted.

Many firms that traditionally have managed their own applications and assets have begun outsourcing some of their applications. The adoption curve is conservative at the outset -- starting with small-scale, low-impact products and systems. But as these projects and products demonstrate reliability, security, and cost effectiveness, firms begin to move more and more applications and services to a managed environment.

The benefits that firms realize are often surprising in that they don’t follow the purely economic, scale, or security lines. Firms report improvements in client service, an accelerated on-ramp to offering new products and services to their clients, and streamlined operations. According to the Tabb Group, by 2016 approximately 50 percent of financial institutions will use managed services to outsource the management of their IT infrastructures. 

Information technology, systems, and services are critical to financial services, but the two disciplines require individual and intrinsic focus to ensure the safety, security, and reliability of products and services delivered to consumers. It’s important to financial firms that they can trust that their information and their clients’ information are safe. It’s equally important that managed services providers remain focused and vigilant on the evolving threat landscape while remaining partners with financial services firms for business enablement and innovation. The benefits of the two disciplines maintaining individual focus ultimately benefits the financial services client.

Daniel Retzer is senior vice president and chief technology officer for North American (NorAm) Securities in SunGard's capital markets business. He is responsible for bringing the SunGard Financial Systems and capital markets technology vision to NorAm. This includes driving ... View Full Bio
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
Register for Wall Street & Technology Newsletters
7 Unusual Behaviors That Indicate Security Breaches
7 Unusual Behaviors That Indicate Security Breaches
Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.