We all know that building any sort of digital product is a difficult task. The specifics of the fin-tech industry make it a lot harder. You are dealing with the most sensitive data of your clients and have access to their finances. This is a lot of responsibility. Your business simply can’t afford any weak spots in your IT infrastructure. Also, of all the industries, your business has the strictest regulations to follow.
Today I’d like to show you how you can make sure your apps stay stable, secure and compliant with all the regulations by designing your IT infrastructure using the products of Google Cloud Platform. We will talk about:
This question is asked by many and is especially important for businesses operating with sensitive data of their clients, such as fintech companies.
The short answer is: "Definitely yes!" But let me explain it in more depth. Google has an army of security engineers making sure that the most sensitive data of your clients is stored in a true fortress and complies with any regulation you can think of. They certify their products against rigorous global security, privacy, and financial control standards, including AICPA SOC, and meet industry-specific standards like Japan FISC and PCI DSS. The on-premises data centres can never match this level of security. The bottom line is that it doesn’t matter where you actually store your data; what matters is how you take care of it. And that is the power of a global giant, who has way more resources and experience than any business on its own.
But the main benefit is that working with Google, you really don’t have to spend your time and money taking care of the security of your data. You can focus on what’s most important to you. Building great products and developing your business.
As I mentioned before, Google is regularly audited to make sure it stays compliant with all the different regulations that a fintech business has to adhere to. Some of the financial institutions that run their infrastructure in the cloud are, for example, Allied Irish Banks, Ravelin or PayPal.
However, we still have to consider these regulations when we implement the logic of our applications. For example, we need to set the permissions so that users' data cannot be read by other people. Google provides us with many tools that protect your systems from hackers.
Let's talk about some of the services that you can use to improve your security:
We will start with Cloud Armor, which can detect DDoS attacks and block traffic from the attacking sources. Cloud Armor also offers a Web Application Firewall, which prevents SQL injection or cross-site scripting. Let's have a look at a diagram showing Cloud Armor connected to the load balancer that is being monitored.
You can see here that it inspects all the traffic coming through the load balancer and looks for suspicious traffic, which can then be blocked.
Another tool we can use to enhance our security is Forseti.
Forseti is an open-source project which monitors your policies - it sets specific rules telling us which resources can access other resources within our projects. It also keeps track of changes within our infrastructure and enforces security measures on all of the resources. It is a powerful tool. Google itself uses elements of Forseti Security to secure its own use of Google Cloud Platform.
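As an added illustration of the kind of rule such policy monitoring applies (this is example code written for this article, not Forseti's own), the following scans IAM policies in the standard `bindings` / `role` / `members` shape and flags public members and members from outside an allowed set of domains. The resource names, domains and sample policies are constructed.

```python
# Added example: audit IAM policies for public or out-of-domain access.
# The policy shape (bindings -> role, members) is the standard Cloud IAM format.
# Resource names, domains and the sample policies below are constructed.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}
BROAD_ROLES = {"roles/owner", "roles/editor"}

def member_domain(member):
    """Return the domain of a user:/group:/serviceAccount:/domain: member, else None."""
    kind, _, ident = member.partition(":")
    if kind in {"user", "group", "serviceAccount"} and "@" in ident:
        return ident.rsplit("@", 1)[1].lower()
    return ident.lower() if kind == "domain" else None

def audit_policy(resource, policy, allowed_domains):
    """Return (resource, role, member, reason) for every violating member."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            if member in PUBLIC_MEMBERS:
                findings.append((resource, role, member, "public access"))
                continue
            domain = member_domain(member)
            if domain is not None and domain not in allowed_domains:
                reason = ("external member with broad role"
                          if role in BROAD_ROLES else "external member")
                findings.append((resource, role, member, reason))
    return findings

def audit_all(policies, allowed_domains):
    """Audit a {resource: policy} mapping and return all findings in order."""
    return [f for res, pol in policies.items()
            for f in audit_policy(res, pol, allowed_domains)]

SAMPLE_POLICIES = {  # constructed sample data
    "gs://kyc-uploads": {"bindings": [
        {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
        {"role": "roles/storage.objectAdmin", "members": [
            "serviceAccount:kyc-fn@example-fintech.iam.gserviceaccount.com"]},
    ]},
    "projects/example-fintech": {"bindings": [
        {"role": "roles/editor",
         "members": ["user:contractor@gmail.com", "user:dev@example.com"]},
    ]},
}
ALLOWED = {"example.com", "example-fintech.iam.gserviceaccount.com"}

if __name__ == "__main__":
    for finding in audit_all(SAMPLE_POLICIES, ALLOWED):
        print(finding)
```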
But bulletproof security isn’t the only benefit of Google Cloud Platform. One of the main topics for fin-tech companies (as well as any other company with a digital product) is operational efficiency.
Building your product on Google Cloud Platform gives you a wide range of managed services that you are charged for based on actual usage.
This way you don’t need to hire additional engineers just to take care of maintenance. Your development team can focus all their time and energy on building a great product instead. And as a developer myself I can assure you that they will be way happier, and way more satisfied with their jobs. But most of all they will become as efficient as they can be. Managed services allow you to distribute responsibilities for these services to all developers/analysts in your team. The person who creates a service also takes care of its maintenance and, if something doesn't work, fixes it. Simply put, instead of separate operations and development teams that sometimes don’t communicate with each other efficiently enough, everyone is DevOps.
As we pay only for what we use with those services, the initial cost when you don’t have many users is close to nothing. Most of the services even offer a Free Tier, where you can give it a try and see if it works for you with no strings attached. On top of that, when you decide to work with a Google partner (i.e. a local company that resells Google services), they can provide you with additional free credits for your projects. All this combined in real life means that you will basically pay nothing for the use of Google Cloud Platform for the first few months of your project.
Another reason why developers love Google Cloud Platform is super fast deployment. They can release new versions in a matter of hours. Also, having a stack of interesting technologies to work with will make your company a very attractive employer for the most talented of them.
Let’s have a closer look at some of the services that are really "easy to use".
When you start a new company, the first thing you usually need is internal systems.
The App Engine platform is a perfect tool for this. It gives you the possibility to implement internal web applications or APIs which you can use for your internal needs.
It is in the range of so-called “Platform as a Service” tools, which means you don't have to take care of the underlying infrastructure and software on which it is running. All is set and ready to go.
You just write your code in Python, Java, Node.js, Go, Ruby, PHP, or .NET and easily deploy it.
Another great benefit of App Engine is the ability to scale to zero. This means that if you don’t use a particular service, you are not being charged for it. No more bare metal servers just lying around and gathering dust. Your resources are used in the most efficient way possible, which also reduces the total cost of ownership of your infrastructure.
Now, let's move on to storing your users’ data in the cloud. The best solution I know for it is Cloud Storage. Users' data can be encrypted and is always stored in multiple locations. This improves the durability of the data. In practice it means that if by any chance there is a problem with one server, your data is still accessible from other locations; thus, nothing can ever be lost.
Isn’t it awesome compared to hosting storage in our own data centre?
Pub/Sub, which stands for Publish/Subscribe, is a messaging bus that asynchronously processes messages from all the parts of the infrastructure.
The principle is that it simply transfers text or JSON objects between different services or frontend apps.
Services subscribe for topics and read messages that are posted there.
This is a very useful tool for any digital-product based company. The above-mentioned messages combined with the functions of Google Firebase can be used, for example, to deliver push notifications to mobile devices of your users.
One of my favourite services of Google Cloud Platform is Cloud Functions. Why? Let me explain. It’s a very convenient tool that allows you to run code in response to specific events. It is ideal for running small tasks defined in small functions: processing events, triggering backups, sending notifications to Slack or Chat, or responding to API calls.
In our example we can trigger it when a user uploads a file, for example an ID card, to Cloud Storage and do image processing to check that the provided ID is valid.
It's a Function as a Service: we don't care about the underlying infrastructure, the runtime, or even scaling. It scales automatically depending on our usage and needs.
We can use Node.js, Python, Go, or Java. Then define triggers and that’s all.
And it's super cheap - just $0.2 per million invocations.
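For the ID-card upload trigger described above, here is an added sketch (not code from Google or from this article's author) of the checks a function can run on the upload event before any image processing. The event keys `bucket`, `name`, `contentType` and `size` follow Cloud Storage object metadata; the bucket name, object path layout and size limit are assumptions.

```python
# Added example: pre-checks for an upload-triggered function, run before
# any image processing. Event keys follow Cloud Storage object metadata;
# the bucket name, path layout and size limit are assumptions.
import re

EXPECTED_BUCKET = "kyc-uploads"  # hypothetical bucket name
OBJECT_NAME = re.compile(r"ids/(?P<user>[a-z0-9]{8,32})/(?:front|back)\.(?:jpg|png)")
MAX_BYTES = 8 * 1024 * 1024
MAGIC = {  # leading bytes each allowed content type must start with
    "image/jpeg": b"\xff\xd8\xff",
    "image/png": b"\x89PNG\r\n\x1a\n",
}

def validate_upload(event, head):
    """Return (True, user_id) or (False, reason).

    `event` is the object metadata dict; `head` is the first bytes of the
    object body, which the caller reads from storage.
    """
    if event.get("bucket") != EXPECTED_BUCKET:
        return False, "unexpected bucket"
    match = OBJECT_NAME.fullmatch(event.get("name", ""))
    if match is None:
        return False, "object name outside expected layout"
    try:
        size = int(event.get("size", "0"))  # metadata carries size as a string
    except (TypeError, ValueError):
        return False, "bad size"
    if size <= 0 or size > MAX_BYTES:
        return False, "size out of range"
    magic = MAGIC.get(event.get("contentType", ""))
    if magic is None:
        return False, "content type not allowed"
    if not head.startswith(magic):
        # The declared type is client-controlled; trust the bytes instead.
        return False, "content does not match declared type"
    return True, match.group("user")

# Constructed sample event for a well-formed upload.
GOOD_EVENT = {"bucket": "kyc-uploads", "name": "ids/a1b2c3d4e5/front.jpg",
              "contentType": "image/jpeg", "size": "204800"}

if __name__ == "__main__":
    print(validate_upload(GOOD_EVENT, b"\xff\xd8\xff\xe0\x00\x10JFIF"))
    print(validate_upload(GOOD_EVENT, b"<html><script>"))
```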
Another important aspect of a fin-tech business is the vast amount of data that it processes every day. Storing this data securely is one thing. Another is learning from it about your customers’ behaviours and improving your product based on these insights.
Google Cloud Platform offers a few services that will help you make data-driven decisions really fast. You will be able to store your data securely, process and analyse it with blazing speed, quickly react to the demands of the market and always be a step ahead of your competitors. Let me quickly introduce some of these services to you.
Let’s start with Bigtable. It's a NoSQL database that can store big data and scale with it. It is ideal as a Data Warehouse for data that will be used for analytical purposes. It is designed to be used simply to store objects.
Another important service you should get familiar with (if you aren’t already) is BigQuery.
It is a Big Data SQL database used for analysis. BigQuery can process terabytes of data in seconds at very low cost. The first terabyte is free, and then it is just $5 per TB.
The standard SQL language can be used to extract data from the data sets and tables.
Billing is based on the amount of processed data - which again, makes the usage extremely efficient. You only pay for what you actually use.
Dataflow is a very convenient service used for processing data in batches or streams. It is completely serverless and can be used with the standard Apache Beam SDK, allowing us to decompose processing into smaller parallel bundles which can be processed independently. Or we can use it to move our data to a different storage or transform our data to different formats. It is ideal for user analytics, data science, ETL workloads and log processing.
Another service I’d like you to know about is Dataproc. If you have ever used tools such as Apache Hadoop, Spark and others and have a working knowledge of them, you will surely have no trouble creating complex data processing pipelines using Dataproc. It is a very simple tool for, for example, log processing, reporting, machine learning and more…
It isn’t entirely serverless - the provisioning of clusters is manual, and it can generally be described as Infrastructure as a Service - infrastructure is provided but we have to handle the operating system and software running on it. We use it for processing big data sets across large clusters of computers.
Fin-tech companies usually have mobile applications for communication with their clients. Here, Firebase comes in handy. Firebase is a service that connects to Pub/Sub and resends notifications to the notification servers of Apple or Google and then to the mobile devices of your users.
For newly established companies, every penny usually counts, so they focus on keeping costs as small as possible. Google, fortunately, provides you with a free tier, so we can try GCP services at no cost if we stick to its limits, which are:
For Cloud functions - 2 million invocations
For Pub/Sub - 10 GB of messages
For BigQuery - 1TB of queries
For Storage - 5 GB
If we combine all the services together we can run our infrastructure at no cost.
It is really cool compared to the classic way of building a data centre on our own where you’d have to invest tons of money in the purchase of the servers in the first place.
If the free tier isn't enough for you, a local Google Partner such as Revolgy might be able to get some extra free credits for your project. So don't hesitate to ask and get ready to play!
If you’d like to learn more about how to leverage the full potential of Google Cloud Platform, don’t hesitate to contact us. At Revolgy, we are Google’s Premier Partner for infrastructure and can provide you with consultations and advice on how to design your infrastructure in a way that will bring you the most benefits.
Just get in touch at ask@revolgy.com and we will get back to you in no time.