RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

How Financial Services Find Traction In The Cloud

How Financial Services Find Traction In The Cloud

Much of the enthusiasm and discussion about cloud technology focuses on its dynamic and innovative structure, and with each passing day a new technique or resource bursts onto the scene with promises of greater functionality and speed for all. But this causes great trepidation and reluctance among those charged with ensuring safe and secure environments, especially in highly regulated industries such as financial services. Banks, credit card companies and other financial institutions are teased by the promise of lower operating costs and dynamic scalability, and of course are painfully aware that their clients, suppliers and competitors are quickly adopting this new approach, leaving them to look like dinosaurs in the process.

Risk Wheel

The problem lays not so much in the resistance to change but instead in a lack of complete and cohesive guidelines from regional or local authorities to counteract the ever-present compliance and security issues.

Gartland & Mellina Group (GMG), a strategic management consulting firm based in New York and with clients worldwide, is now seeking to assist in resolving this conundrum with the release of its white paper, entitled Navigating Through the Cloud in Financial Services, one of four papers that comprise its new Thought Leadership Series on Technology Adoption in Financial Services.

Starting with a statement (supported by data) that shows just how much financial services are lagging behind in cloud adoption, it then highlights the clear fact that “financial services firms must navigate a range of deployment & service models that vary in the level of cloud ownership responsibilities and security control.

One specific area that the GMG white paper focuses on is that of compliance, which they identify as a “double-edged sword in the financial services industry.” This is due to regulatory requirements under Dodd Frank regulation that require securities firms “to hold significantly more data for reporting mandates, which compounds the compliance risk derived from the data privacy and control demands imposed under the Gramm–Leach–Bliley and the Sarbanes–Oxley Acts.” This means that cloud migration will increase reporting demands.

Added to this is the fact that authorities such as the Federal Reserve and SEC have not yet firmed up their position on cloud data migration, leaving little in the way of standards and guidance.

The paper points out that the industry is not without is sources for policies and procedures, in fact there are quite a number of authorities that financial institutions must deal with. The Federal Financial Institutions Examination Council (FFIEC), for example, released a joint statement by the FDIC and the Federal Reserve and others, which provides guidelines for cloud migration strategy, while payment card information will be guided by the Payment Card Industry Data Security Standard (PCIDSS), which identifies additional requirements for joint responsibility between CSPs and their clients.

Issues dealing with geography and international commerce are highlighted in the paper, as well as the numerous types of threats and attacks that a cloud-based system must withstand.

Far from being a gloom and doom scenario, the GMG white paper presents a number of viable options and opportunities for financial institutions and their IT specialists to consider when contemplating a move to the cloud.

Robert Rowland, Director in GMG’s Financial Services Strategy and Solutions Practice states, “Due to regulations, security concerns and consolidation, the financial industry is faced with challenges in advancing their technology solutions. We understand that taking that step forward isn’t easy. But we wanted to provide firms with practical insights that would not only compel them to modernize their business practices, but that would also help them approach it in an effective way from a business perspective. Considering these insights will not only benefit their bottom line, but also increase the value they add for their clients.”

For more information, please visit http://gartlandandmellina.com/gmg/who-we-are/white-papers/

By Steve Prentice

About Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.

View Website

SYNDICATED NEWS SOURCES

Exclusive: T-Mobile, Sprint close to agreeing deal terms – Sources

By CloudBuzz | September 22, 2017

(Reuters) – T-Mobile US Inc (TMUS.O) is close to agreeing tentative terms on a deal to merge with peer Sprint Corp (S.N), people familiar with the matter said, a major breakthrough in efforts to merge the third and fourth largest…

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…

RiskVision Named 2017 Cybersecurity Breakthrough Awards Winner

By CloudBuzz | September 20, 2017

RiskVision Named 2017 Cybersecurity Breakthrough Awards Winner for Enterprise Risk Management (ERM) Software of the Year SUNNYVALE, CA–(Marketwired – Sep 20, 2017) – RiskVision, the enterprise risk intelligence company formerly known as Agiliance, today announced that the RiskVision platform has…