Updates on the technology that drives the financial services sector

Frequently asked questions

First item
What is the difference between Microsoft cloud and Azure?

Microsoft 365 is the collective name of Microsoft’s leading Software-as-a-Service (SaaS) productivity cloud products, which include services like Office 365, Exchange Online, OneDrive, SharePoint, Teams and more. Typically, it’s used for office, email, file storage and communications.

Microsoft Azure is the name of Microsoft’s flagship Infrastructure-as-a-Service (IaaS) or Platform-as-Service (PaaS) products. It’s deployed as a scalable, reliable solution to host or develop business applications in the cloud. You can think of it as replacing any servers you have in your office or data centre that host your business applications.

Where does Microsoft store my data? Can we control where it resides?

Microsoft allows you to set data residency locations based on different regions. This means that your data is only stored in those specified geographical locations. This is critical for regulated firms that need to have control over the jurisdictions in which their data resides. The data can also be replicated to separate physical locations within the same region.

Will all my applications work in the public cloud? Does the public cloud offer desktop applications?

If you’re using an off-the-shelf application, instead of considering if it will work in the cloud, we would recommend seeing if the vendor has their own SaaS service. This moves the responsibility of maintaining the cloud infrastructure to the vendor. Another option is to move the application to the cloud but design it in a way that makes it more secure and cost-effective in the cloud.

A cloud readiness assessment is a great way of evaluating your options for moving applications to the cloud. Using our standard methodology, the Lanware cloud readiness assessment evaluates each business application and places them into six different categories to provide a suggested cloud strategy. By following this methodology, up to 20% of applications can be retired based on our experience.

Can you work offline in the cloud with Microsoft Office 365?

Most cloud technology requires a working internet connection but it depends on the cloud service. In Office 365 OneDrive for example, certain files can be marked as available offline, be worked on without a working internet connection and then synched automatically to the cloud once the device is online again. As with any element of technology, the configuration of offline working needs to be carefully implemented along with the security of data stored locally on devices.

Can disaster recovery be done in the public cloud? How does it work?

It depends on what public cloud services you are using and what disasters you are looking to protect against. With SaaS and Microsoft 365 for example, the responsibility for disaster recovery fully sits with Microsoft as the cloud provider. If there’s a major disaster at one of their data centres (e.g. fire/flood) the cloud provider is responsible for invoking their own disaster recovery plans and ensuring that the service continues to be delivered via another data centre, without the need for any customer involvement.

With IaaS and Microsoft Azure, the cloud provider is only responsible for protecting the hardware and virtualisation layer from disaster and ensuring it is available via a separate data centre. In this instance, the customer is responsible for protecting the virtual machines that run their business applications.

Microsoft provides native tools to support this process, such as the Azure Site Recovery Manager, which can be automated to reduce recovery times.

What are the solutions for archiving and backup in the public cloud?

Cloud providers will not typically provide a robust backup of your data. With Microsoft 365, data is retained for a period but not backed up so you will need to use specialist third-party products for this. These services are diverse from the Microsoft cloud so that the data can be recovered in the case of a catastrophic failure. Several back-up technologies are available in the market and it’s important to work with a knowledgeable provider to ensure they are effectively managed and maintained.

Does Citrix have its own cloud? Are Citrix Desktops obsolete in the public cloud?

Citrix is a virtual desktop product and virtual desktops remain a powerful and important feature within the Microsoft cloud. Azure Virtual Desktop (AVD) is Microsoft’s own product which has seen a huge amount of rapid growth, particularly because it is optimised for Microsoft 365 which also includes Microsoft Teams. For companies wishing to stick with Citrix, or run a hybrid model which works with their on-premise infrastructure, there is a Citrix cloud solution which runs in Microsoft Azure.

What are the contractual responsibilities of our cloud service provider, ourselves and Microsoft?

As the customer, you will enter into a Customer Agreement with both the Managed Service Provider (MSP) and Microsoft. This will govern the activities of the parties in a single document which is designed to enable you to procure the full spectrum of Microsoft services through various channels. Under the agreement, the MSP will effectively become your designated Cloud Service Provider (CSP). All Microsoft cloud subscriptions will be in your name, with your MSP acting as the designated administrator with responsibility for management and billing.

How do you ensure cloud FCA regulatory compliance? How do I ensure my provider contract is compliant with the FCA Rule Book on outsourcing?

Microsoft offers a special Financial Service Addendum to their Customer Agreement. This provides key special rights (for a fee) such as oversight of audit results, agreement to work with the regulator and special termination provisions.

Does the public cloud make it easier to switch Managed Service Providers?

Assuming your current infrastructure is hosted in your Managed Service Provider (MSP) data centre, when you move to the public cloud, switching providers in the future is simpler because the technology doesn’t sit with the MSP, it’s in the Microsoft cloud and the client’s name under their “tenant”. The process to switch MSP with Microsoft should be clearly defined as part of the agreement with your MSP– this is known as “Exit Management”.

How do you manage security in the cloud?

The major cloud providers adhere to a shared security model where the responsibility for security is shared between the cloud provider, the Managed Service Provider (MSP) and the customer. In the first instance, as the customer, you will need to understand which aspects of security you are responsible for vs the cloud provider and apply your security policies and controls.

A simple example is Microsoft 365 and two-factor authentication. Historically, this is not enabled by default and is the customer’s responsibility to configure. Not configuring it, which is the case for many, leads to security breaches. One of the key considerations when moving to the cloud is ensuring clarity between yourselves and your MSP as to who is managing what.

It’s also important to work with a partner who can give clear guidance about what is expected of you as an organisation.

What are the risks of public cloud?

The biggest risk is security. By its nature, the public cloud is “public” and available anywhere, which means your applications and data can be accessed from wherever there is an internet connection. This means the attack vector is higher than running similar services on-premise which may not be so exposed to the Internet. It’s important to find the right partner who knows how to configure cloud services securely and take advantage of all the native security controls so that your systems are being used in a secure and agreed fashion. To clarify, the Microsoft cloud is extremely secure provided it is set up and managed correctly.

What happens if we have an outage in the Microsoft public cloud?

Outages do happen, and it’s critical that you have suitable contingency and resilience in place.

For example, email continuity services, or replicating virtual machines running business applications to geographically redundant regions, can mitigate the risks of outages.

It’s important to note that disaster recovery scenarios will still need to be managed, so it is essential you work with your Managed Service Provider (MSP) to ensure roles and responsibilities are clearly defined; and any technology changes needed in a disaster scenario are managed effectively.

What user side security needs to be in place for “anywhere working” in the cloud?

Microsoft 365 is designed to work on the “zero trust” model, which assumes that the end user device or network you are accessing the cloud from is untrusted. Security controls and features are then deployed to check the device’s security before access is granted. For example, if the user is accessing the cloud via a device that doesn’t have an encrypted hard drive, or they try to access it from a region of the world that is considered to be unsecured, access may be denied.

Features such as Microsoft Azure Information Protection (AIP) prevent data loss and render files or data used on a personal device inaccessible.

How do I meet my data protection obligations when using the public cloud?

Microsoft provides a Products and Services Data Protection Addendum to the Customer Agreement as standard. This sets out their obligations for the processing and security of customer data, professional services data, and personal data in connection with their products and services.

How does pricing work in the public cloud?

Cloud providers offer a subscription-based pricing model, based on usage and utilisation of resources, for either monthly pay-as-you-go or on a fixed price basis. Billing is handled either by your Managed Service Provider (MSP) or directly through Microsoft. Cloud billing can be complex to understand if you are not a technology professional, and it can be easy to miss services that are no longer needed but are still running and being charged for. It is important to work with an MSP who can evaluate your cloud estate on a regular basis to ensure you’re only paying for services that are needed.

Where are the key areas for potential cost savings in the cloud?

The public cloud provides economies of scale which drive down costs because there is no further need to invest in new on-premise infrastructure, software and maintenance contracts. It also moves everything to a flexible Operating Expense (OpEx) model with no upfront capital investments.

Public cloud providers also offer incentives to lower cost in return for commitment.

What are the main drivers of functionality, cost and agility in the cloud?

One of the great benefits about the cloud is that it is scalable and you only pay for what you need. Spinning up servers or adding users can be achieved instantly, scaling up and down depending on demand. It also provides access to the latest technology, which is constantly kept up to date. The cloud also allows for easier collaboration between your teams from multiple locations and devices.

How long does it take to migrate to the public cloud? Will there need to be any downtime?

Migration to the public cloud does not have a fixed timeframe as such, it’s wholly dependent on your infrastructure, application estate and scope of transformation. For a typical mid-market Financial Services firm, with minimal line of business apps the migration may take between 3-4 months.

A transition to public cloud should be seen as an opportunity to modernise, transform your technology and take advantage of as much software-as-a-service as possible.

Can my phone/voice system be migrated to the public cloud?

Some voice solutions can be migrated to the cloud, however, we recommend migrating to Microsoft Teams for all unified communications requirements. Teams replaces all the traditional functionality of a phone system but also allows you to run it across multiple devices as a softphone application. Traditional handset devices can also be installed on the desktop which will operate as a standard desk phone. Call recording for compliance purposes can be achieved using third-party cloud products.

Our services

Our 4 pillars for a complete choice of managed IT services - all tailored to the needs of financial services firms in London and the UK.

Finance Forward 365 - Microsoft 365 cloud services supported by experts

Finance Forward 365

Microsoft modern workplace & cloud technology for digital transformation.

Compliant Teams -  Microsoft Teams phone system with call recording and archiving

Compliant Teams

Increased productivity & collaboration with call recording whilst reducing costs.
Cyber security solutions for financial services

Cyber Security

Keep your data secured against rapidly changing threats within Financial Services.

Responsive IT managed services for financial services

Power BI

Business Intelligence transformation and support tailored for Financial Services.