In response to consumers’ demand for instant, always-on service, UK financial firms are showing a growing interest in cloud services. Alan Grogan, chief analytics officer of the customer services group at RBS, even suggested developing a cloud service specifically for financial services organisations, despite the financial industry being criticized for lagging behind other industries in technology adoption.
Financial firms need the capability to restore highly sensitive information in a secure infrastructure and recover key systems and data within predefined recovery time objectives — a need cloud technology can fulfil.
But while most financial organisations have adopted some form of cloud strategy, a fraction of firms have steered clear of the cloud. According to the Cloud Security Alliance 2015 Cloud Survey Report, as many as 19 per cent of companies whose customers typically do not interact with banks electronically have a strict no-cloud policy, and 82 per cent of midsized organisations have no cloud strategy in place. What exactly is keeping financial firms from integrating cloud-based solutions into their businesses? The following myths could be to blame.
MYTH: The cloud is insecure
Security concerns are one of the top reasons financial organisations are hesitant to adopt cloud-based solutions for their businesses. In the Cloud Security Alliance survey, 60 per cent of respondents ranked data confidentiality as their highest cloud adoption security concern. Businesses view hacker attacks, data loss and identity theft as a real threat, and it doesn’t help that the UK has been named Europe’s worst country for data breaches.
To ascertain whether the cloud infrastructure is secure enough to handle highly sensitive information, it is crucial to first understand the differences between private and public clouds. Whereas public cloud models store data in a multitenant environment in which customers share the same infrastructure, the private cloud allows businesses to back up their data and entire systems configurations in an environment restricted to a specific community. The perception of insecurity is typically associated with the public cloud model.
To mitigate the risk of security breaches in the public cloud, financial firms can use a hosted private cloud (e.g. BlackCloud) that maintains strict security controls such as data encryption in transit and at rest. For additional control, firms can store critical data in an on-site managed platform (e.g. BlackVault) that integrates with the cloud.
MYTH: It’s the IT department’s decision to adopt cloud technology
It’s a common misconception that it’s solely the IT department’s responsibility to make the decision to adopt cloud technology. However, research from Harvard Business Review Analytic Services shows that cloud leaders, or companies that have generated new business opportunities through a mature approach to the cloud, don’t leave cloud decisions entirely up to IT. While cloud leaders are likely to have a CIO leading cloud initiatives, leaders from other parts of the business partner with IT in selecting and deploying services.
In the same way, for a cloud implementation to be successful in a financial organisation, executive management needs to be involved in the decision to introduce cloud backup and recovery to the workplace. Not only will the IT and executive management teams be able to work together to identify a solution that benefits the entire organisation, but employees are also more likely to receive thorough training on using the cloud technology if the initiative is supported by the top of command as well as the IT department.
MYTH: Transitioning to the cloud is too complex
Some financial firms believe transitioning their IT infrastructure to a cloud environment will be too time-consuming and could lead to downtime or data loss during the transition. There is some truth to this myth in some cases. For example, if a small firm’s limited IT team attempted the transition while managing their day-to-day tasks, the project can become more than a single firm can handle.
But implementing a cloud service doesn’t have to be cumbersome and unmanageable. If complexity is a concern, an IT managed services provider can help with project planning, implementation, maintenance and testing to ease the burden on internal IT staff.
Additionally, Harvard Business Review Analytics Services points out that cloud leaders with a cohesive cloud strategy that’s supported across the business have been able to reduce project implementation time and complexity.
With a better understanding of the myths associated with cloud-based solutions, financial firms can challenge what they think they know about cloud technology and realise that the cloud can become an integral part of their ability to meet their customers’ expectations.[su_box title=”About Brandon Tanner” style=”noise” box_color=”#336588″]Brandon Tanner is a successful entrepreneur with a technology background that spans software, hardware and service solutions for financial institutions and other regulated industries. He is the senior manager for nationwide Managed Services provider IT Specialists (ITS) and its sister organisation, Rentsys in the US and is the key, driving force behind the company’s business continuity and disaster recovery products and services, including the next generation of cloud and recovery products, BlackCloud and BlackVault. The combination of Brandon’s technology and regulatory expertise has led to several innovative cloud strategies that have helped customers maintain compliance more cost-effectively.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.