Innovation is revolutionizing the banking industry. As the competition heats up so does the race to innovate. Every fifth European consumer is willing to use financial products from Google, Facebook and Amazon, according to a recent survey. As a result, the big financial institutions are trying to behave like start-ups by implementing innovation faster.
New services are being announced every day, including the ability to send and receive money using a mobile number or email address from Bank of America and Discover customers’ ability to freeze their credit card using a mobile app. Fueled by new technologies, there are new innovations being launched including face recognition and fingerprints for authentication and voice banking.
Since speed is at a premium to stay ahead of the competition, DevOps is becoming the preferred delivery style. DevOps accelerates the deployment of software through continuous feedback, friction-less hand offs between dev and ops, and automated testing and deployment. Within a year of Amazon's move to DevOps, engineers were deploying code every 11.7 seconds, on average.
The Danger of Moving Too Fast
Since DevOps is enabling new services to be launched faster, software quality is becoming a huge concern. A Ponemon Institute report found that financial institutions suffer an average cost of $994,000 per year due to unplanned outages, more than any other industry. Last April, when TSB moved millions of accounts from Lloyds Bank to its new owner, Spanish bank Sabadell customers were locked out of their accounts and experienced money disappearing. Some were even able to see other customers’ accounts.
In addition, increasingly impatient tech savvy users are complaining about the lack of availability and slow response time for mobile and online banking applications. According to a recent survey eighty-seven percent of banking and finance leaders reported abandoning an app due to poor performance (37%) and lack of user adoption (34%).
Banks around the world are faced with a record number of regulations, and those falling short of compliance are pay a heavy price adding up to $42 billion in 2016. A survey of asset managers, brokers and banks found that 89% believe that costs related to compliance could more than double in five years.
Automating for Better Control
The trick is to move fast without compromising quality and security. A common bottleneck is the database. While there are dozens of DevOps tools to control application development, release and testing, the database is often left behind.
For example, if your code breaks there are solutions available enabling you to fix it in a matter of seconds, and the entire process can even be automated. But if you drop you an index or a table and you don’t have the correct backup the damage is irreversible. Therefore extra steps need to be taken to make sure that the database doesn’t break when speeding up software changes and releases.
Ideally there should be a golden copy, or in other words a single copy of the database for proper version control and to sync with the application. Then there needs to be clearly defined policies and procedures regarding data security including a full understanding of which data needs to be protected based on relevant regulations, with the necessary permissions defined, and changes to permissions carefully monitored.
Most importantly, it’s best to have a pre-check before changes are merged in the database to uncover any potential problems before disaster strikes. Often there are multiple copies of the database being used simultaneously. Many serious problems were experienced by programmers putting into production database changes before they are properly tested, or by accident merging conflicting versions of the database. It’s best to identify any discrepancies between different versions of the database or drifts, and test code before putting database changes into production.
There are other side benefits as well. By automating repetitive and mundane data administrative processes, DBAs have more time to focus on strategic things such as policy management and coordination with dev teams.
DevOps enables banking organizations to increase the cadence of application releases, but they can’t afford to ignore data governance and security. It always good to move fast to stay ahead of the pack but not at the risk of breaking regulations, frustrating users, or experiencing a devastating data leak.
Yaniv Yehuda is Co-Founder and CTO of DBmaestro. Yaniv Yehuda is also the Co-Founder and the head of development for the Extreme group, a leading IT services solutions provider group that employs more than 200 IT professionals and serves more than 50 of the largest enterprises in Israel. Prior to DBmaestro, Yaniv was a Co-founder of byUman Inc., an innovative solution for managing web-enabled contact centers.