The use of cloud technology is full of pros and cons. On the one hand, the technology offers an abundance of innovation potential, but on the reverse, cloud systems can also fall subject to cyberattacks and outside manipulation.
Here to discuss this complex relationship between cloud technology and financial services is Simon Waller. Simon is the Regional Director, EMEA & US at Epsilon. He leads the region’s sales and business development activities including channel partnership and enterprise sales. He holds over 22 years of experience in IP data sales with a proven history of building successful sales teams, developing new markets, and closing high-value opportunities.
In this guest-authored piece for The Fintech Times, Simon discusses everything from cloud compliance, cybersecurity, and cross-cloud collaboration.
Financial institutions (FIs) face some of the most stringent security, regulatory and compliance obligations of any sector. On top of this, they are challenged to keep up with the growing demands from customers for a seamless user experience across digital channels like online banking, while not compromising on quality and security.
Across all industries, banking is one of the largest adopters of cloud, accounting for around 16% of total global cloud expenditures, according to IBM. Adoption rates were previously slower than other sectors due to security, control, and compliance challenges. However, in recent years these challenges have been a focal point to overcome. Today, 83% of banks say cloud initiatives are already part of a coordinated programme or a fully integrated strategic transformation.
There are a multitude of opportunities for CIOs in FIs to support innovation and enable continual transformation in the banking sector with cloud networking technologies.
The challenge is to ensure that compliance and cyberthreats do not slow innovation. FIs have to find simple and powerful ways to move workloads to the cloud and maximise the potential of their businesses.
Keeping up with Compliance Challenges
There are two ways to look at the challenges that FIs are facing today – one being regulatory and the other being operational.
Regulatory challenges refer to compliance, security, and risk management. Many regulators consider the use of cloud services as a form of outsourcing. This usually involves multiple parties including the network provider and the CSP.
FIs need to assess the risk profile of these vendors and determine the controls required for protecting their data and where it should be located. Connectivity to the cloud and between the clouds should be deployed over a private network instead of the public internet. Having strong network security such as firewalls to secure the network between the FI and the internet as well as connections with third parties is a must.
More financial regulators are establishing standards and guidance around the use of cloud computing, including the Federal Financial Institutions Examination Council in the United States, the European Banking Authority in the European Union, and the Monetary Authority of Singapore.
A key reason behind the strict regulatory landscape in the financial services sector is the threat of cyberattacks. Due to the high-value data they store, process, and transmit, they are a top target for cybercriminals. According to VMware, attacks targeting the financial sector grew by 238% between February and April 2020. 80% of surveyed FIs reported an increase in cyberattacks over the past 12 months, and 82% said cybercriminals have become more sophisticated over the past 12 months.
As for the operational challenges, Fis need to be able to scale their clouds to grow their digital services and also meet the usage requirements. Other aspects include having the visibility to continuously monitor system resources such as the network throughput, latency, and packet loss.
It is critical to have a network that can pivot to changes such as increasing bandwidth or short-term cloud deployment for backing up non-mission-critical data. However, not all network providers can cater to such demands.
Enhancing Capabilities with Multiple Clouds
There are many different cloud models in the market with different capabilities that suit different business requirements.
According to Microsoft Azure, ‘private cloud’ is defined as “computing services offered either over the Internet or a private internal network and to selected users only instead of the general public.” Another common cloud is the ‘public cloud,’ defined by Microsoft Azure as “computing services offered by third-party providers over the public Internet, making them available to anyone who wants to use or purchase them.”
The Microsoft Azure definition of ‘hybrid cloud’ is “a computing environment that combines a public cloud and a private cloud by allowing data and applications to be shared between them.” This is not to be confused with ‘multi-cloud,’ which is the use of two or more public or private cloud environments. Unlike the hybrid cloud, a multi-cloud strategy does not need to include both private and public clouds.
Hybrid or multi-cloud environments can provide banks with the flexibility to easily move basic workloads to the public cloud, while benefitting from added data security and privacy by keeping mission-critical data on-premises.
Banks can choose all different CSPs like Amazon Web Services, Google Cloud, Microsoft Azure, and Oracle to spread their workloads, and in turn gain benefits from each provider to form a best-of-breed solution. This enables FIs to create competitive offerings for customers with compliance and security.
By utilising a cloud networking solution with both a private network and public cloud capabilities, FIs can gain high availability networking with default encrypted connections, cloud segmentation and cloud security policies in a single platform, with optimal performance for cloud applications. They can also benefit from embedded security solutions such as FQDN filtering and service insertion of next-gen firewalls, to meet their security and compliance requirements.
By teaming up with an expert networking partner, FIs can gain seamless direct access to a collection of CSPs through a secure private network backbone, without the need to manage multiple relationships. The right solution will abide to all regulations and security requirements, so the FI can comply without worrying about complexities.
Continual Transformation with the Cloud
Multiple clouds enable FIs to achieve the full flexibility and benefits of the cloud, however to unleash their full potential, a comprehensive solution is vital. They need to find the simplest model for keeping up in a rapidly changing market, connecting multiple clouds, distributing resources, minimising data loss risk and mitigating downtime.
An advanced cloud networking solution will simplify networking and security in the cloud for FIs, with simple onboarding and configuration by a team of experts. It can provide the operational visibility, control and troubleshooting needed to keep up with rapidly changing regulations and customer demands across the globe and securely transform the future of financial services.
