This is the second half of a two-part blog post based on my interview with FOW magazine regarding the growing adoption of cloud computing within finance and trading. If you read part one already, thanks for coming back. If you missed it, you can read it here.
FOW: What prompted the decision to move the platform on to a cloud-provision basis?
MM: We made the decision to leverage the cloud because of the many benefits it will provide to our users. One of the biggest benefits of cloud services is accessibility. Users can access the TT platform over the Internet through a browser, desktop or mobile device.
Distributing software via a cloud-provisioned platform also provides users with significant secondary benefits. In a SaaS model, the provider has direct control over the user experience. In our next-generation platform, for example, we are able to tune our application and infrastructure for the highest performance because we operate the solution end-to-end and across technology stacks.
Additionally, SaaS is more operationally efficient from the perspective of the service provider. SaaS allows for uniform service deployment and operation and direct visibility into the state of services. We directly monitor the application and infrastructure 24×7, which gives us deep visibility into system performance and helps us anticipate and prevent impending problems. When there are issues, we can roll out fixes to our global user base in a matter of minutes. This level of manageability and support is difficult, if not impossible, to achieve for an ISV supporting many bespoke on-premise deployments.
FOW: What precedents are there for the model?
MM: There are many precedents for SaaS found in our daily lives. Popular SaaS-delivered consumer and business applications include online banking, music and entertainment, shopping, CRM, accounting and desktop support. SaaS is also used to deliver mission-critical applications in areas such as healthcare as well as compute-intensive applications in areas such as computer-aided design and manufacturing. And in our space, there are some trading services offered via the cloud, but those are not necessarily designed specifically for high-performance trading.
Many of these SaaS services are likely deployed over a combination of both private and public cloud infrastructure, much like our platform. But there are some important fundamental differences in the architecture of our solution and our use of cloud technologies compared to that of traditional enterprise-level SaaS applications.
For one, as a trading platform provider for the professional trader, our software must deliver high-performance/low-latency execution. Therefore, we host the latency-sensitive, critical aspects of our system on infrastructure colocated with the exchanges’ matching engines. This is a common, well-understood paradigm in our industry, just not one typically served today by cloud or SaaS offerings. Less latency-sensitive functionality is hosted on lower-cost, elastic infrastructure. Additionally, colocation has very specific back-end hardware requirements that preclude the use of consumer, or even enterprise-grade, IT infrastructure or virtualized hosting services, the latter of which forms the foundation of most commercially available cloud provision services.
FOW: What questions have clients asked you about it?
MM: Most of the questions or concerns we’re getting from clients fall into three categories: security, performance and reliability, all of which are interwoven. The primary aspects of cloud or SaaS services that give rise to these questions and concerns are multi-tenancy, homogenized third-party cloud infrastructure services and public Internet.
Traditionally, trading firms built and operated their own proprietary trading networks to address these concerns. Our extensive experience in developing high-performance trading software and managing hosted trading platforms for the world’s largest banks has given us unique insight to address these concerns in our next-gen product.
The hybrid cloud design of our SaaS platform addresses performance concerns by running latency-sensitive services and applications on high-performance, custom-built infrastructure co-located with the exchanges’ infrastructure. Trading decisions, market data normalization, pre-trade risk checks and order execution all occur in extremely close proximity to the exchange matching engine, with cross-market trading supported over a high-bandwidth, low-latency private global network.
Performance concerns regarding the multi-tenant environment are addressed through extensive monitoring of system performance. Capacity is added if performance begins to dip in order to ensure that all users experience consistent service levels. We take care of this automatically so that our users can focus on trading without worrying about back-end system deployment or maintenance.
Again, the less latency-sensitive functionality that provides user control and management of the platform’s services–such as back-office integration, user account and risk management, workspace management, product data exploration, the order book and the audit trail–are hosted on lower-cost cloud-based infrastructure.
Security has always been a top priority for trading firms, and therefore was a top design consideration in architecting our new SaaS platform. Not only are firms concerned with protecting the usual corporate and personal information, but they also want to be sure their proprietary trading strategies remain proprietary. We’ve take a multifaceted approach to address security in our platform.
The platform infrastructure is interconnected via a combination of private network and virtual private network links between third-party providers who are directly managed by TT.
To specifically address security concerns with the use of third-party, cloud-based infrastructure providers, TT encrypts all data in flight and at rest while maintaining control over access to back-end systems through industry-standard security practices and multi-factor authentication.
The refactoring of our execution platform onto newer technologies along with the ubiquity of cloud-based infrastructure-as-a-service (IaaS) provided an opportunity to greatly improve the failover design of our solution. Whereas today, system recovery or “failover” is a very manual and time consuming process, we anticipate that recovery from system faults and outages will be nearly seamless to the user as our solution matures.
Finally, we believe a large percentage of our user base will be comfortable accessing our platform over the Internet. Most performance concerns can be addressed by deploying server-side automated and algorithmic trading strategies. Our client application runs on standard web browsers and utilizes the industry-standard SSL/TLS encryption layer used by millions of individuals today to execute a multitude of financial transactions. The Internet is inherently designed to be robust and highly available.
In the end, given a well-designed SaaS solution, users shouldn’t need to care about how or where the back-end services are hosted, only that their data is secure and accessible, and that their transactions are secure and execute with low latency.
Posted by: Mike Mayhew, CIO