Cloud and SaaS
Cloud-based solutions and software-as-a-service (SaaS) are certainly on the forefront of discussions. These solutions allow you to have your data and code off-premises, so to speak, via a web-based software service. You simply input and extract data and information rather than hosting the software on your own system. With a solution like this, you don’t have to host the system, the data, nor do you manage hardware or software issues directly.
It is certainly an attractive idea, but the big question for these products is cyber security. Not long ago, I would have suggested against these options until security is enhanced. However, recent advances in cyber security for products like these has changed my mind.
Your company’s proprietary, in-house software and hardware systems and processes are probably more at-risk to hacking than many cloud solutions. Two software vendors recently said the same thing, and I realized I need to open my mind to this idea as well. Although this is the only area you have seen me hesitant to explore, I now think all options should be on the discussion table.
Companies are using or putting a lot of applications in the cloud, and doing it nicely. Everything from infrastructure, to backup, to Big Data, to file storage and backup recovery.
One of the main benefits of this route is that you have reduced the upgrade risk for your software tremendously. How many projects have thousands of hours of extra code written only into their company’s platform? A lot. When the software vendor sends a patch or new release, it often doesn’t work with the customized solution, so they are stranded on an older version. Yes, they can send in a support ticket, but those take a backseat, so it often takes a long time to resolve. If you currently have a C/ETRM system, you know the pain of just inserting patches and releases, much less upgrades.
The software vendor managing your business in the cloud is now accountable for all of these issues. Does that make you sleep better? Or, since you do not have all of the customized needs, are people screaming more loudly than ever that they need more?
People always want more, so balance the costs and benefits of functionality in the cloud, as compared to hosting on-site with lots of customization and the security issue. True, you can get cloud customization, but 35,000 hours of customization is challenging and costly.
I don’t think the security risk is as risky as others do because I don’t think your trading is as proprietary as you think it is. That perception has been puzzling to me for years, save Enron’s, which was clearly proprietary for reasons that are now obvious.
Are there companies I have been to, or worked for, that I can see have some discernable trading strategies that one can replicate? Yes, but not most. If you have read Energy Trading and Risk Management, you know that a sustainable trading strategy is not a singular focus that one can just easily replicate. In many markets, I can’t even use that information across the state line, much less in their own market to trade against them.
In some instances, though, I really enjoy working trading strategies. Why? If I have to referee rather than integrate, with minor changes, it means you are not aligned internally on the trading and hedging strategies, and we need to go back to prior lessons on trading and risk management to create a disciplined process. That is why I wrote that book first, and recommend it before diving into a software project. Don’t get me wrong, I enjoy trading strategies, developing them, and creating the book structures to support the reporting roll-up.
I will add that if your position report gets out today, someone may think, at first, they have something of value. They will quickly realize they probably have nothing. I know many would challenge that, but the trading debacles I have seen, not only in person, but also in the papers, are poor trading strategies and controls, not stealing position reports.
Also, consultants are too busy trying to make your project a success and not paying attention to your daily P&L. 99.9% of them don’t care about your profits and losses, except that they do hope you are doing well so you can pay the consulting bills. As I have said, most don’t know what a position report means, much less digest and run with it anyway.
Therefore, I think the cloud is going to flourish. And, in reality, the people hosting the cloud probably have much better knowledge, and capability in security than you do.