I had experience in Quartz (BofA cloud), and deploying is 100 times easier than AWS, everything is automated. Imagine building a cloud service where you trust all your clients, and all must share the same information if they have the correct auth, what I trying to say is that their use-case actually made it simpler, that's where the savings in software had came from.
So we'll hear about a BoA hack in a few years where the attacker got into the cloud somehow and then had unlimited access to all the other servers? Great. Exactly what I want from a bank. /s
Or you can look at it as a single correct auth and encryption mechanism is shared company wide vs each individual teams intern inventing new was to base64 encode your password. Glass half full or empty
Well that's the same with any cloud provider, one compromised account with enough access could be catastrophic. In BofA there is an AWS IAM equivalent. Also the BofA cloud is not accesible from the Internet.
