It’s no wonder that banks are careful about keeping their sensitive data under lock and key.
We’ve all seen the kind of negative headlines that have been generated by a major institution’s fatally compromised network – and the huge drop in public confidence that has resulted.
To compromise security is to compromise the very reputation of their institution in the eyes of customers, shareholders and regulators.
Indeed, the financial services industry faces special challenges when it comes to compliance, including very demanding regulatory requirements on data and security confidentiality.
Traditionally banks have built their own data centres to bolster their defences and maintain in-house accountability, but it’s clear that industry perceptions towards cloud migration are beginning to significantly shift.
Previously, and understandably, concerns were expressed over the cloud’s shared infrastructure being accessed via the internet by multiple customers, opening up many potential points of vulnerability for the targeting of confidential information and personal data. Thus, banks were reluctant to surrender control of business-critical functions to cloud providers.
However, cloud systems are now placing key data safely behind firewalls, on a closed network that’s only accessible by a select few, and away from the potential security compromise that internet access represents. This progress has been further nurtured by the cloud’s inherently huge storage capacity and impressive processing power.
Unfortunately, major misconceptions still remain. A recent study (European Union Agency for Network and Information Security, 2015) found that, while 87 per cent had migrated some operations to the cloud, their knowledge of the technology and best practices remained poor. It further reported that 42 per cent of financial institutions did not have an explicit cloud strategy.
To say that cloud providers have had a perception challenge on their hands is an understatement; they’ve had to work hard to demonstrate their commitment to meeting ever-growing security and compliance demands. Yet, such has been the overwhelming push for improvement among cloud providers that this sustained, industry-wide drive has seen ability definitively catching up with demand, heralding an entirely more robust proposition.
It’s no coincidence that Visa recently announced it would be offering tokenisation services, helping secure digital and mobile payments, to banks offering customers apps that store payment credentials in the cloud. The financial services giant is just one among many making the leap.
Further highlighting a renewed industry confidence, late last year the Financial Conduct Authority (FCA) gave the green light for cloud use. It advised that cloud could “facilitate entry and/or expansion, and increase the ability of financial services providers, overall, to renew their IT systems in a more efficient manner”.
Now, thanks in part to the realisation of reduced legal and regulatory risk, private cloud migration is the next logical step, enabling wide benefits, ranging from higher agility for the quick introduction of new customer services and upgrades, and higher productivity, to the removal of legacy system obstacles, not to mention lowered costs.
In fact, it’s now widely thought that the major competitive edge that Software as a Service (SaaS) brings to banking makes its adoption by the industry increasingly inevitable. Vertical SaaS applications benefit from leveraging the security of internally built applications while also exploiting the huge cost advantages of its delivery model and easy integration into existing banking infrastructure.
Nevertheless, for all the benefits, having the right partner who understands a bank’s unique cloud requirements, advises on best practice for each individual bank, and diligently fulfils strict compliance standards, must be considered key.
With leading cloud providers on board driving fresh innovation, the rate of adoption will surely only increase as a new standard in security and efficiency is realised across the industry.
References: European Union Agency for Network and Information Security (2015), ‘Secure Use of Cloud Computing in the Finance Sector’, available at: