Cloud computing is here to stay. As part of its ongoing technology education series, the National Association of Federally-Insured Credit Unions hosted Ventura County Credit Union Chief Information Officer Chad Ritchie, Amazon Web Services Enterprise Strategist Mark Schwarz, and Think|Stack CEO Chris Sachse for a discussion about credit union blueprints for secure cloud strategies.
The overall tone was that credit unions must act with more urgency to adopt a cloud-first and security strategy to prepare for any future disasters or disruptions. Members are relying on their trusted credit union to be ready.
Wherever you are on your cloud adoption journey, here are some best practices and trends to discuss with your team.
Thoughts & Trends
- The adoption of a cloud-first strategy isn’t a sudden revolution—it’s an acceleration of a trend that has been slowly happening within the credit union industry but more rapidly outside of it. It’s time to take this opportunity to catch up to fintech and big banks.
- The “digital experience bar” has been set from outside the credit union industry by cloud-native and enterprise companies. Members and employees expect a simple and engaging digital experience. To remain competitive, it’s essential for credit unions to have a platform that allows for agility and resiliency. It’s a matter of relevancy—not a choice.
- Too much cloud and security strategy around the leadership table and boardroom is rooted in negative language. “We have to move to the cloud and secure our credit union” can be shifted to “We get to take advantage of the same tools and services that are available to enterprise-level companies.” Transformative technology is available to organizations of any scale.
- If this year has taught us anything, it’s to accept that we don’t know what’s coming. Disruption comes in many forms: a pandemic, a natural disaster, a security breach, losing a key team member. Regardless of the disruption, you need to know your technology won’t add to your problems at a time when you need it most.
- Elasticity, agility, and flexibility are fun words for digital transformation buzzword bingo. What they really mean is having a vision, strategy, and plan in action to be able to guarantee no discontinuation of services and ongoing improvement of your member experience.
People & Culture
- Transforming and evolving your infrastructure and security to be ready for innovation may require a radical culture change, and there is no one-size-fits-all approach. You need to design and define a mission statement for your transformation that is unique to the organization you are in.
- Your goal is to develop a simple and seamless experience for members and an invisible and painless one for staff. Once you have a clear vision of that future state, engage your peers, vendors, and team to develop a communication strategy that can articulate your mission to nontechnical people throughout your credit union.
- Look around your organization and vendor landscape and ask who can add value to your process. The ones that challenge you and want to be part of the development and communication of your plan are the most valuable.
- When you show the desire to improve your employees’ day-to-day work lives and solve their problems with technology, you’ll get their buy-in. Involve everyone in your organization, including your members and your vendors in your process. Journey map and document the experiences they are having and listen to recommendations.
- Foster a culture of failure acceptance because you will make mistakes. Neither people nor technology are perfect, and both will present pitfalls. Engage in open and honest conversations, learn, and move on quickly.
Tools & Technology
- “Moving to the cloud” is ambiguous and can suggest a heavy lift. However, just as people can learn any other technology, they can learn to use the cloud. Plus, there’s a vendor landscape with certified professionals available to support you through the process.
- Cloud strategy doesn’t always mean expansion. Having a flexible environment also allows you to scale down to save on costs. It allows you to constantly align your resources with your business needs.
- Adding software with fancy features and functionality into your environment may seem like a fix, but do they solve a business problem and tie into your long-term vision? “Frankenstein” technology environments with disparate and often redundant software and hardware will slow your credit union down in the long run.
- Technological tools exist to support humans, not the other way around. Identify the areas in your credit union where technology is causing friction and undergo short projects with tangible outcomes that will overcome your issues.
- Many vendors offer risk-free, often credit-covered test environments for cloud and security strategies that can solve business problems and eliminate process friction. Reach out and ask about funding and proof-of-concept programs.
Security & Compliance
- “The cloud” terminology suggests a mysterious, unknown place in the sky. So, it’s understandable that it can provide some peace of mind to know your data is sitting in machines you can see and touch. However, many of the digital tools and services you’re currently using are web-based and already hosted in the cloud. It’s time to be comfortable with what you can’t see and touch while putting necessary safeguards in place to be secure and compliant.
- The question is not how you can be secure in the cloud, but how can you hope to be secure outside of it? Public cloud providers have spent millions of dollars on their infrastructure and security, providing constantly updated environments that follow strict compliance frameworks. Some of the largest corporations in the world, including government agencies, trust these cloud infrastructures to secure and support everything they do.
- Technology selection supports your security posture—not the other way around. Taking the focus off relying on and blaming the technology and putting it back on your organization means you can govern IT rather than letting it govern you.
- Credit unions aren’t designed to protect data, but they act as custodians of their members’ most sensitive information. The building of an in-house security program that supports 24/7 threat detection of anomalous activity is both expensive and unrealistic. It’s pertinent to find security vendors outside of your organization to partner with that support your security posture properly.
- Ultimately, your credit union security posture is your responsibility. You have to make decisions that are reasonable for your risk tolerance and ensure that you have staff or vendors that understand the necessary security configurations and how they relate to compliance models to secure the tools you are using—no matter where your infrastructure is housed or which software you select.
“Here is the one metric that truly matters: Digital transformation = dramatically increased speed to market,” Ritchie said. “How you define that is by how fast your organization can get meaningful solutions and experiences rolled out to your members, community, and staff. Everything else falls under that—innovation, disaster recovery time, Net Promoter Score, capabilities, assets, even the financials are impacted by it.”
WE TRANSFORM & PROTECT
We Transform & Protect by putting People Before Technology. We are a Managed Service Provider focused on cybersecurity and cloud solutions that support digital transformations. We believe that the technology your business relies on should be used to drive transformation and lead to a seamless user experience. In uncertain times it’s important to partner with people and companies you can trust. Think|Stack was built to handle the unpredictable, to help those who weren’t.
If you’re unsure what to do next or if you have questions about your technology, our Think|Stack tribe is here to help, contact us anytime.
About the Author
Chris Sachse, CEO
Chris started Think|Stack in 2011 to serve organizations who serve their communities. Chris saw the important role tech and cybersecurity played in the financial services space. For over a decade Chris and his team have made it their mission to support, secure and empower credit unions to innovate through continuous technology improvement. He is an educator at heart and passionate about helping leaders and their teams understand how technology can support their goals while delivering seamless, enjoyable technology experiences to their people. As a cloud and cybersecurity leader, Chris is proud to sit on the MD Governor's Workforce Development Board as Vice Chair as well as the Cybersecurity Association of MD as Treasurer.