How Financial Services Find Traction In The Cloud

How Financial Services Find Traction In The Cloud

How Financial Services Find Traction In The Cloud

Much of the enthusiasm and discussion about cloud technology focuses on its dynamic and innovative structure, and with each passing day a new technique or resource bursts onto the scene with promises of greater functionality and speed for all. But this causes great trepidation and reluctance among those charged with ensuring safe and secure environments, especially in highly regulated industries such as financial services. Banks, credit card companies and other financial institutions are teased by the promise of lower operating costs and dynamic scalability, and of course are painfully aware that their clients, suppliers and competitors are quickly adopting this new approach, leaving them to look like dinosaurs in the process.

Risk Wheel

The problem lays not so much in the resistance to change but instead in a lack of complete and cohesive guidelines from regional or local authorities to counteract the ever-present compliance and security issues.

Gartland & Mellina Group (GMG), a strategic management consulting firm based in New York and with clients worldwide, is now seeking to assist in resolving this conundrum with the release of its white paper, entitled Navigating Through the Cloud in Financial Services, one of four papers that comprise its new Thought Leadership Series on Technology Adoption in Financial Services.

Starting with a statement (supported by data) that shows just how much financial services are lagging behind in cloud adoption, it then highlights the clear fact that “financial services firms must navigate a range of deployment & service models that vary in the level of cloud ownership responsibilities and security control.

One specific area that the GMG white paper focuses on is that of compliance, which they identify as a “double-edged sword in the financial services industry.” This is due to regulatory requirements under Dodd Frank regulation that require securities firms “to hold significantly more data for reporting mandates, which compounds the compliance risk derived from the data privacy and control demands imposed under the Gramm–Leach–Bliley and the Sarbanes–Oxley Acts.” This means that cloud migration will increase reporting demands.

Added to this is the fact that authorities such as the Federal Reserve and SEC have not yet firmed up their position on cloud data migration, leaving little in the way of standards and guidance.

The paper points out that the industry is not without is sources for policies and procedures, in fact there are quite a number of authorities that financial institutions must deal with. The Federal Financial Institutions Examination Council (FFIEC), for example, released a joint statement by the FDIC and the Federal Reserve and others, which provides guidelines for cloud migration strategy, while payment card information will be guided by the Payment Card Industry Data Security Standard (PCIDSS), which identifies additional requirements for joint responsibility between CSPs and their clients.

Issues dealing with geography and international commerce are highlighted in the paper, as well as the numerous types of threats and attacks that a cloud-based system must withstand.

Far from being a gloom and doom scenario, the GMG white paper presents a number of viable options and opportunities for financial institutions and their IT specialists to consider when contemplating a move to the cloud.

Robert Rowland, Director in GMG’s Financial Services Strategy and Solutions Practice states, “Due to regulations, security concerns and consolidation, the financial industry is faced with challenges in advancing their technology solutions. We understand that taking that step forward isn’t easy. But we wanted to provide firms with practical insights that would not only compel them to modernize their business practices, but that would also help them approach it in an effective way from a business perspective. Considering these insights will not only benefit their bottom line, but also increase the value they add for their clients.”

For more information, please visit http://gartlandandmellina.com/gmg/who-we-are/white-papers/

By Steve Prentice

About Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.

View Website
View All Articles

Sorry, comments are closed for this post.

Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in mind when implementing an ERP system. But do you know if cloud-based or on-premise ERP deployment is better for your company or industry? While cloud computing is becoming more and more popular, it is worth…

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

Embracing The Cloud We love the stories of big complacent industry leaders having their positions sledge hammered by nimble cloud-based competitors. Saleforce.com chews up Oracle’s CRM business. Airbnb has a bigger market cap than Marriott. Amazon crushes Walmart (and pretty much every other retailer). We say: “How could they have not seen this coming?” But, more…

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises The surface costs might give you pause, but the cost of diminishing your differentiators is far greater. Will a shift to the cloud save you money? Potential savings are historically the main business driver cited when companies move to the cloud, but it shouldn’t be viewed as a cost-saving exercise. There…

Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

Your Biggest Data Security Threat Could Be….

Your Biggest Data Security Threat Could Be….

Paying Attention To Data Security Your biggest data security threat could be sitting next to you… Data security is a big concern for businesses. The repercussions of a data security breach ranges from embarrassment, to costly lawsuits and clean-up jobs – particularly when confidential client information is involved. But although more and more businesses are…

Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle different functions, a multitude of apps require public and private-facing components to work in tandem. Placing these apps in entirely public-facing platforms and networks simplifies the process, but at the cost of security vulnerabilities. Locating everything…

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about…