Top 5 Considerations for Financial Institutions Moving to the Cloud
Introduction As cloud technologies continue to advance, financial service institutions are migrating an increasing amount of their data to the cloud. Whether companies are looking to migrate general firm data, or more sensitive customer information, the cloud represents an increasingly attractive opportunity for financial service institutions of all sizes. The Financial Conduct Authority (FCA)…
As cloud technologies continue to advance, financial service institutions are migrating an increasing amount of their data to the cloud. Whether companies are looking to migrate general firm data, or more sensitive customer information, the cloud represents an increasingly attractive opportunity for financial service institutions of all sizes.
The Financial Conduct Authority (FCA) recently published a report for financial service organisations migrating to the cloud, stating that there was “no fundamental reason why cloud services (including public cloud services) cannot be implemented, with appropriate consideration, in a manner that complies with our rules”. This new legislation has led to a surge in financial service providers adopting cloud technologies as part of their infrastructure.
However as with any data migration, moving data to the cloud comes with a number of concerns and important factors to consider, with this article aiming to outline five of the biggest considerations that financial service institutions need to take into account when moving data to the cloud.
Rather unsurprisingly, what remains a primary concern of any business or individual migrating to the cloud is that of data security. With sensitive data stored in a remote datacentre rather than on-premise, how can we really be sure that our data is being kept safe and secure?
The reality of the situation, as reported by Gartner Inc., is that very few data breaches actually occur in the cloud, and that the vast majority of data security breaches occur in on-premise environments. That being said, it remains vital for businesses to ensure that their Cloud Service Provider has sufficient systems in place (firewalls, password barriers, complex logins etc.) to ensure data security for their customers. Providers should perform regular penetration testing to guarantee that vital data is not vulnerable to any kind of malicious activity or DDOS attack. ISO 27001 accredition of your Cloud Service Provider will give financial service institutions the assurance they need that adequate security measures are in place to protect their valuable data. Once these measures have been established, there should be little concern over the security of data stored in the cloud.
The costs involved in maintaining this level of security within an organisation’s on-premise environment can be huge, and financial organisations are now realising that they can reduce their capital and operational expenditures by moving their data to the cloud, managed by a dedicated and professional service provider operating to the highest standards of security.
2. Cost Optimisation
There are many reasons why so many financial service providers are migrating their existing infrastructure to the cloud, with a main one being that it means that financial service providers no longer need to invest in dedicated on-premise servers, nor will they need the man-power to operate the on-premise infrastructure.
Many businesses will also invest in additional hardware for use in failover situations which would otherwise be left unused. Instead of having dedicated hardware taking up space and costing your business money, the cloud offers the ideal solution to maximise your uptime while reducing your company’s overheads.
A further concern for Financial Service institutions is that they cannot be sure where their valuable data is being stored once they’ve decided to make the move to the cloud. When asked, many cloud service providers will not be able to tell you where exactly their customers’ data is being stored. It is simply “in the cloud”. The physical location of your datacentre is in fact a key consideration for any financial service institution and it’s important for any institution to ask these questions when considering a cloud service provider to meet its needs.
The newest FCA report has specified that all UK / EU based data centres are subject to the Information Commissioner’s Office (ICO) requirement for data residency and compliance with the data protection act. This ensures that customer data remains secure in the datacentre and will never be liable to checks from external parties or be subject to the US Patriot Act.
Scalability remains to be a top priority for financial institutions. The need to expand customer databases, increase service offerings and spread geographically has led to a vast increase in the number of financial institutions adopting cloud technologies into their business plan. By taking their data to the cloud, financial institutions allow themselves the flexibility to grow their businesses without burdening themselves with the costs of managing their entire infrastructure.
What’s more, your cloud service provider should only charge for the resources that businesses make use of as they grow, ensuring that they will never pay for any unused infrastructure.
5. Business Continuity
Effective Business Continuity planning covers many facets and has long been a challenge for financial services, especially when it comes to demonstrating its advantages. In essence, business continuity is a form of insurance which, ideally, should be demonstrably appropriate, effective and cost-effective. Cloud technology, in all its forms – be it private, supplier or public – is enabling a new generation of Business Continuity solutions and plans.
Comprising disaster recovery alongside data back-up and recovery as an integration solution for an organisation, an effective Business Continuity plan in the cloud provides the mechanism and tools to plan, manage your business in the event of disaster. This makes it effective, cheaper and, critically much easier to test and validate, with less impact on the normal day-to-day running of the business.
However to get the most from this new approach, you need to think differently about your Business Continuity planning and work with a supplier who has the skills, tools and range of delivery platforms to take advantage of all benefits of the new world Business Continuity solutions.
Financial markets move quickly, and if information is unavailable, even for a few minutes, the financial impact can be significant. Cloud Provider SLAs should also specify the level of data availability (the best will guarantee 99.999% availability) and ensure that support staff are always available to resolve any issues.