What’s in a Compliant Private Cloud

What’s in a Compliant Private Cloud

What’s in a Compliant Private Cloud


Keeping a digital organisation up and running in this information age requires a reliable, secure IT services platform for both employees and potentially customer use.  Add the growing cyber threat landscape, the practice of allowing employees of an organization to use their own computers, smartphones, or other devices for work purposes, coupled with customer expectations, Wi-Fi, customer transactions, and the distribution of business locations bring any company a multitude of IT challenges. Conscious of this Redcello set out with the aim of helping business take care of all its IT services requirements with a range of easy-to-deploy, manage and scale enterprise class solutions. All enterprise features are available to ensure security, reliability, interconnectivity, agility and ease of management, cognisant that the IT evolution/revolution is occurring at an ever increasingly diverse and complex pace.

In 2015 as a then start-up business, Redcello found itself engaging partners and clients in the finance sector where industry legislation from the EU was very much the topic of discussion. We, therefore, decided to embark on a long-term piece of work, that would develop a next-gen IT Services Framework based on emerging cloud, time, analytics, and cybersecurity technologies, with a goal of delivering a compliant IT Service platform / private cloud that would service these emerging business/industry needs.


The most prolific cybersecurity attack the world has ever seen in the form of the WannaCry ransomware attack in May 2017, illustrates the threats and issues in the environment. Sadly, the hardest hit victims were none other than our already overstretched and under-resourced, a bastion of Great Britain - the NHS.

Thanks to the increasing popularity of cloud computing and the forever increasing growth of the Internet of Things, more and more data is now being captured and stored on a daily basis than ever before in history. The rise in the importance of Data driving an ever-increased need for software and artificial intelligence to analyse this New Oil, coupled with data science to extract the value in ever more insightful ways.  In whatever sector or market vertical, businesses are surfacing either new opportunities or highlighting risk, which in turn is delivering value to their colleagues, customers and shareholders, keeping business ahead of the competition.

With an exponential rise in the value of data, replicated data and off-site backups aren’t enough to guarantee data recovery and business continuity. Data recovery solutions need to include comprehensive protection of applications or services replicated to business continuance venues, where after any data recovery event, the application owner needs surety that its been fully recovered and is functional with little or no data loss or impact to business.

People are talking about hybrid or multi-cloud... but this isn't another case of IT buzzword bingo, it’s a real thing, a strategy if you will - that's becoming increasingly relevant as the days go by. As enthusiastic adopters of next-generation technologies at Redcello: we look to bring to the table a best of breed selection of these technologies for our customers' benefit.

Most recently we have been investigating the use cases and benefits around such things as spot pricing in the hyper-scale clouds, finding new ways to bring efficiencies and significant savings to the users of these mega platforms. Also looking at technologies behind SDDC software-defined data centers, and how these technologies in conjunction with other evolving software services can help customers, optimise license costs and enhance future infrastructure projects or right size migrations to the cloud.

Last year (2018) saw the biggest regulatory changes for the finance industry since the 2008 financial crisis in the form of the new MiFID II (Markets in Financial Instruments Directive). This framework EU legislation covers a range of issues centred around financial instruments and the venues where those instruments are traded in order to not only protect investors but also to improve the functioning of the financial markets.

Under MiFID II the time-stamping of orders and trades must now meet that of high-speed trading standards. In pursuance of accuracy and the eradication of differentials in timestamping between different gateways and venues, the timekeeping facility on trading servers and clocks must now be synchronised and standardised against the global time reference of UTC. The solution will not be a "one size fits all" for trading venues - different types of firms will be subject to different variables in the accuracy of timestamping. For example, the fastest high-frequency traders will only have a tolerance of 100 microseconds from the UTC benchmark. The new directives bring a whole new rubric of reporting. Previously, under MiFID I the requirement was to report post-trade prices only. For MiFID II an increased level of data collection and reporting is a requisite. For example, transactional reports that once contained circa thirty fields, now contain sixty-five.

Now let's consider data quality standards - as many different data sources are being consolidated from variant systems; data consolidation, formatting and validation methods will also need consideration. “Sufficient” data reconciliation and monitoring services are required to ensure effective data governance and integrity are met, also high on the list of MiFID "to-dos". The upshot is, poor quality or incomplete data is likely to be rejected outright, with the financial conduct authority monitoring report rejection rates and identifying firms that repeatedly re-offend.

At Redcello, we believe that co-location and data center proximity will also have a direct effect on how technologists approach infrastructure strategies to accommodate MiFID II. With the legalities and importance of best execution being at the heart of MiFID II, it is key that technologists keep this in the back of their mind when priming solutions and infrastructures. The complex software application of the gateway needs the connections and exchange information to hit without latency for accurate real-time order transacting - it is imperative that once a bid is reached the item is removed from all other trading venues. Not only does software design and gateway access need to cater to the nuances of a broad number of trading venues, a patchwork of interconnectivity must also be addressed. Considerations regarding the potential new trading landscape and the additions of new venues to the mix may also affect the number of venues that require proximity to data centers for the reasons of latency. The co-location scenario must also be addressed - the mix of regulated and non-regulated venues sharing the same space is likely to mean that supplementary and auxiliary hosted services must be put into place.

Compliance Platform detail

Redcello has sought to create a total offering, a compliance platform, an infrastructure, to provide a basis for solutions to this complex business requirement. This has several layers and entities or modules completing it. Redcello’s initial work focused on the foundations, what may be thought as of the operating system of a personal device, but for an enterprise-wide system. Then moved on to the operational units or entities that perform the required tasks. The resulting service is a complex software environment, that provides a vastly simplified but compliant IT Services Platform.

Specifically, one of the advancements sought was to provide timestamping to a capability of 8 decimal places. Not just to generate this level of precision, but to distribute and detect any tampering with the transmission. One of the key MiFID II requirements is the need for verified and continuous synchronised time in order to achieve "trade reconstruction". Trading venues and the participants in the trade are required to time-stamp events and records that occur in the trading process with the time that is synchronised up to 100 microseconds depending on the type of trading venue from which they are operating i.e. HFT market participants need to reach the 100-microsecond standard. It is also necessary for trading venues to have a common reference time that allows operators of trading venues the ability to record the date and time based on the same time source, as well as be able to distinguish between different reportable events. In order to respond to the need for a compliant and accurate time service, Redcello set out to build a multi-source time service with a front-end provision that would serve to achieve and maintain immutable reports for MiFID II compliance and audit purposes.

The overall solution aims to help companies function as safely, efficiently, and cost effectively as possible by securing their environment against external and internal threats along with gaining control of their bandwidth to optimise its use. To deliver business value to organisations by helping to take the complexity out of cloud consumption, being the thread that pulls all the IT infrastructure tightly together in one orchestrated and coherent fabric.

In short, our goal was to provide a compliance platform to improve utilisation, performance, conformance to regulation, security, scalability, and availability to the financial sector and beyond, but Redcello's features and benefits don’t stop with the technology. Our proactive service teams are designed to give companies the confidence and freedom to concentrate on what they do best, while through our experience and knowledge we aim to support you every step of the way. 

We would love to discuss this further with you, click here to get in touch.

We are a disruptive IT Ecosystem MSP & SaaS Platform provider, prototyping & hosting tailored Enterprise Class / Fintech systems, enabling custom interconnected hybrid services. We specialise in tailoring managed and self managed solutions that innovate our customers’ IT landscapes, providing the tools to develop, deliver, protect and recover your business systems without having to rely on traditionally complex infrastructures.
Jeremy Hansford
0330 223 1042
  Company Website
  Company Blog