Microsoft Cloud for Financial Services design principles

To ensure that the final solution you create to fulfill your business requirements meets the highest standards, Microsoft has developed a set of design principles for Microsoft Cloud for Financial Services. These design principles build on the five pillars of architectural excellence in the Azure Well-Architected Framework and provide guidance for building sustainable and scalable solutions. We explore the following design principles and how they can be applied to create effective and efficient solutions.

| Built-in Control | Description | WAI Pillars |
| --- | --- | --- |
| Build for the needs of business | A business requirement must justify every design decision. For an application to be appropriately reliable, it must reflect the business requirements surrounding it. | Reliability |
| Assign least privilege | Implement least privilege throughout the application and control plane to protect against data exfiltration and malicious actor scenarios, and make the necessary configurations to show or hide any customer information relevant to each persona. | Security |
| Configure-first approach | Prioritize using built-in configurations and settings available within the solution and Power Platform before resorting to custom code or complex customization. Reserve custom coding or complex development efforts for situations where no suitable out-of-the-box, low-code, or third-party solutions are available. | Performance Efficiency |
| Integration and interoperability | Enable seamless integration with existing systems and applications commonly used in the financial services industry. The solution should support APIs and industry standards to facilitate data exchange between various platforms and services. | Reliability |
| Centralize operations and monitoring | Standardize and centralize the logging and auditing of each solution component. Use Application Insights and Log Analytics to collect on-premises, hybrid cloud, PaaS, and Power Platform logs. | Operational Excellence |
| Monitor the health of the entire solution | Know about the scalability and resiliency of the infrastructure, application, and dependent services. Gather and review key performance counters regularly. | Operational Excellence |
| Bring in only the necessary data for usage | Be selective and deliberate in determining which data elements are essential for mapping or extending in the FSI data model, and avoid unnecessary data proliferation. | Performance Efficiency |
| Data Privacy and Consent Management | Prioritize data privacy by implementing robust mechanisms for managing user consent and controlling access to sensitive information. Implement privacy-by-design principles, pseudonymization techniques, and data anonymization to protect customer data while enabling data-driven insights and personalization. | Security |
| Security and Compliance First | Prioritize robust security measures, data encryption, access controls, and compliance with industry regulations to ensure the protection of customer data and meet regulatory requirements. | Security |
| Foster data-driven decision-making | Financial institutions rely heavily on data-driven decision-making. Use, configure, or integrate with data visualization tools to provide insights into customer behavior, risk management, and overall business performance. | Operational Excellence |
| Choose the right licensing strategy | Establish the right licensing assignment strategy to optimize your platform licensing costs. | Cost Optimization |
| Optimize costs | Operational data can grow significantly over time. Monitor the growth of your Dataverse tables over time and put in place data retention policies for data, logs, and files kept in Dataverse. | Cost Optimization |
