How Financial Services Find Traction Online

How Financial Services Find Traction

Much of the enthusiasm and discussion about cloud technology focuses on its dynamic and innovative structure, and with each passing day a new technique or resource bursts onto the scene with promises of greater functionality and speed for all. But this causes great trepidation and reluctance among those charged with ensuring safe and secure environments, especially in highly regulated industries such as financial services. Banks, credit card companies and other financial institutions are teased by the promise of lower operating costs and dynamic scalability, and of course are painfully aware that their clients, suppliers and competitors are quickly adopting this new approach, leaving them to look like dinosaurs in the process.

Risk Wheel

The problem lays not so much in the resistance to change but instead in a lack of complete and cohesive guidelines from regional or local authorities to counteract the ever-present compliance and security issues.

Gartland & Mellina Group (GMG), a strategic management consulting firm based in New York and with clients worldwide, is now seeking to assist in resolving this conundrum with the release of its white paper, entitled Navigating Through the Cloud in Financial Services, one of four papers that comprise its new Thought Leadership Series on Technology Adoption in Financial Services.

Starting with a statement (supported by data) that shows just how much financial services are lagging behind in cloud adoption, it then highlights the clear fact that “financial services firms must navigate a range of deployment & service models that vary in the level of cloud ownership responsibilities and security control.

One specific area that the GMG white paper focuses on is that of compliance, which they identify as a “double-edged sword in the financial services industry.” This is due to regulatory requirements under Dodd Frank regulation that require securities firms “to hold significantly more data for reporting mandates, which compounds the compliance risk derived from the data privacy and control demands imposed under the Gramm–Leach–Bliley and the Sarbanes–Oxley Acts.” This means that cloud migration will increase reporting demands.

Added to this is the fact that authorities such as the Federal Reserve and SEC have not yet firmed up their position on cloud data migration, leaving little in the way of standards and guidance.

The paper points out that the industry is not without is sources for policies and procedures, in fact there are quite a number of authorities that financial institutions must deal with. The Federal Financial Institutions Examination Council (FFIEC), for example, released a joint statement by the FDIC and the Federal Reserve and others, which provides guidelines for cloud migration strategy, while payment card information will be guided by the Payment Card Industry Data Security Standard (PCIDSS), which identifies additional requirements for joint responsibility between CSPs and their clients.

Issues dealing with geography and international commerce are highlighted in the paper, as well as the numerous types of threats and attacks that a cloud-based system must withstand.

Far from being a gloom and doom scenario, the GMG white paper presents a number of viable options and opportunities for financial institutions and their IT specialists to consider when contemplating a move to the cloud.

Robert Rowland, Director in GMG’s Financial Services Strategy and Solutions Practice states, “Due to regulations, security concerns and consolidation, the financial industry is faced with challenges in advancing their technology solutions. We understand that taking that step forward isn’t easy. But we wanted to provide firms with practical insights that would not only compel them to modernize their business practices, but that would also help them approach it in an effective way from a business perspective. Considering these insights will not only benefit their bottom line, but also increase the value they add for their clients.”

By Steve Prentice

Alex Tkatch

Dare to Innovate: 3 Best Practices for Designing and Executing a New Product Launch

Best Practices for Designing and Executing a Product Launch Nothing in entrepreneurial life is more exciting, frustrating, time-consuming and uncertain than launching a new product. Creating something new and different can be exhilarating, assuming everything ...
Martin Mendelsohn

Of Rogues, Fear and Chicanery: The Colonial Pipeline Dilemma and CISO/CSO Priorities

The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...
Derrek Schutman

Providing Robust Digital Capabilities by Building a Digital Enablement Layer

Building a Digital Enablement Layer Most Digital Service Providers (DSPs) aim to provide digital capabilities to customers but struggle to transform with legacy O/BSS systems. According to McKinsey research, 70% of digital transformation projects don’t ...
Kelly Dyer

Healthcare Data Security: Why It Matters

Healthcare Data Security Today, electronic healthcare data exists at every point along a patient’s journey. So frequently is it being processed, accessed, and shared between multiple providers, that we’d be forgiven for forgetting the highly ...
Dr. Mike Lloyd

How to Mitigate Security Risks in the Cloud

How to Mitigate Security Risks in the Cloud Enterprises continue to spend billions annually on security technology, yet cyber breaches continue to come fast and furious. So what exactly is going on here? Why are ...

CLOUD MONITORING

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Opsview

    Opsview

    Opsview is a global privately held IT Systems Management software company whose core product, Opsview Enterprise was released in 2009. The company has offices in the UK and USA, boasting some 35,000 corporate clients. Their prominent clients include Cisco, MIT, Allianz, NewVoiceMedia, Active Network, and University of Surrey.

  • Nagios

    Nagios

    Nagios is one of the leading vendors of IT monitoring and management tools offering cloud monitoring capabilities for AWS, EC2 (Elastic Compute Cloud) and S3 (Simple Storage Service). Their products include infrastructure, server, and network monitoring solutions like Nagios XI, Nagios Log Server, and Nagios Network Analyzer.

  • Datadog

    DataDog

    DataDog is a startup based out of New York which secured $31 Million in series C funding. They are quickly making a name for themselves and have a truly impressive client list with the likes of Adobe, Salesforce, HP, Facebook and many others.

  • Sematext Logo

    Sematext

    Sematext bridges the gap between performance monitoring, real user monitoring, transaction tracing, and logs. Sematext all-in-one monitoring platform gives businesses full-stack visibility by exposing logs, metrics, and traces through a single Cloud or On-Premise solution. Sematext helps smart DevOps teams move faster.