Network Security, Application security

New security realities emerge as financial firms move into the cloud

Visitors crowd the cloud computing services presentation at the CeBIT technology trade fair on March 2, 2011, in Hanover, Germany. (Photo by Sean Gallup/Getty Images)

Financial institutions and their service providers have been increasingly embracing cloud platforms for many years — but with cybercriminals becoming more aggressive and wily in their intrusion efforts, the industry needs to up its risk mitigation game.

Indeed, more than three-fourths (78%) of IT leaders surveyed earlier this year said that there’s been an increased demand to move their corporate workloads to cloud platforms, according to The State of Enterprise Cloud Migrations report by Next Pathway. And yet, only one-third of respondents (33.6%) said that they have actually completed a migration to cloud systems — barely 2% more than said that they had fully migrated to cloud when the same survey was conducted in July 2021. The study was based on a February 2022 survey of roughly 1,200 IT professionals and decision-makers in multiple industries, including financial, commissioned by automated cloud migration service provider Next Pathway Inc.

“Our research reveals that companies that want to move to the cloud, need help — they want more services, industry solutions and enhanced products,” Chetan Mathur, Next Pathway CEO said in a prepared release released with the report late last month. “In this highly competitive market, the cloud wars are on and likely to continue for some time.”

Given the pressure to embrace more efficient and often less costly cloud architectures, financial firms and non-bank financial technology players (FinTechs) alike are encouraged to migrate to the cloud more quickly to cut costs and garner the benefit of the “enhanced capabilities” cloud might afford, according to the study. However, given their own compliance and security requirements, banks, credit unions and investment firms must be mindful of maintaining or improving upon their risk mitigation as they move more data and capabilities to cloud.

Financial institutions find benefits in hybrid cloud solutions

Enterprise customers are realizing that the private cloud vendors have spent tremendous resources to secure their cloud platforms, according to Clara Angotti, president of Next Pathway. As a result, private cloud platforms “are more secure than what an enterprise can manage on-premise.”

“For this reason, we are seeing financial institutions move critical applications to the cloud,” Angotti said, adding that their recent research indicated that enterprises are more often “specifically picking private cloud vendors based on their security performance.”

For example, when asked why vendors are selecting Microsoft Azure as their chosen cloud platform, two-thirds (67%) cited that Microsoft Azure maintained the strongest cybersecurity controls and has achieved several compliance certifications.

“Cloud platforms are tailoring their research and development to ensure that their products and services are meeting the needs of financial institutions,” Angotti said. Almost half (48%) of IT leaders surveyed stated that a key achievement of cloud migration is “enhanced security following migration.”

In effort to get the best of both worlds from cloud-based systems, many financial firms in particular are planning to implement “hybrid cloud” architectures to benefit from the efficiency of the public cloud, and the security and privacy of the private cloud. Almost all of the cloud migration study respondents (97%) said there are clear benefits to hybrid cloud strategies.

Many conservative enterprises, an oft-targeted and highly regulated industries like financial, have “continued to run proof-of-concepts [over the past year] with multiple public cloud warehouse platforms. [This] suggests that they aren’t rushing their entry into the cloud and are assessing which platform is the most appropriate platform for specific business use cases,” according to the research.

Many financial institutions have been experimenting with cloud for a decade or more, and have moved many sensitive data stores and sensitive functions to cloud, including anti-money laundering, bankruptcy tracking, commercial risk reporting, credit and delinquency analysis, fraud prevention, loan management, retail risk and reporting and revolving credit analysis, according to Angotti.  

In fact, 2 out of 5 survey respondents (40%) said that the planning process to move to cloud systems took much longer than expected. The cloud report survey also found that IT leaders sought support services in a variety of areas, including developing multi-cloud strategies (45.2%), creating a robust partner ecosystem (41.9%), gaining increased storage capacity (40.3%), and implementing industry specific solutions (39.3%).

“We are still in the early stages of the emerging cloud market, and as this market matures and we realize that the race to the cloud rewards those that move quickly, more is being demanded from the vendors to accelerate cloud migrations,” Angotti said in a prepared release. “Companies are eager to move to the cloud fast. ... However, companies need help. Moving to the cloud is not easy.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.