The financial services sector is one of the prime markets that stands to gain many benefits from cloud computing but, to date, this has proved rather difficult. This is hardly surprising when one considers the heavy regulation within this industry. On top of this there is also a lot of fear from organisations pertaining to potential security risks with the control of data still very much a primary concern. Barely a day goes by without the announcement of the latest outage and no-one wants to be next in the firing line.
The potential benefits that come from the growth of cloud computing in this sector are vast, allowing for real-time execution of business critical activities such as fraud detection, instant lending decisions and extensive risk calculations. Cloud computing has also been a key driver in helping lenders achieve scalability quickly while also helping lower IT costs. When implemented properly, moving to the cloud can drastically reduce the operations and maintenance cost of IT, whilst ensuring that organisational agility is not slowed down by infrastructure. Many providers of financing solutions operate across multiple regions so this agility becomes vital when looking to innovate, launch products and structure deals quickly; they cannot afford to be beholden to legacy technology.
The dynamic nature of cloud however necessitates security and compliance controls that, granted, can be daunting. Issues around mobility and multi-tenancy, identity and access management, data protection and incident response and assessment all need to be addressed. And with multiple modes – SaaS, PaaS, IaaS, public, private, hybrid – creating added complexity in how security and compliance is carried out and by whom, I can certainly understand why IT leaders in the financial services sector may initially think twice about leveraging cloud.
ISO 27001 is a widely adopted global security standard and framework that sets out requirements and best practices for a comprehensive approach to managing company and customer information. As all companies, including those in the financial sector, race to combat security threats and address evolving compliance requirements, they often struggle to implement and demonstrate the consistent security management that is core to ISO 27001. Proving IT security practices is also key to satisfying the new European Union General Data Protection Regulation before it goes into effect in 2018.
We can look to one of iland’s own customers in the sector, Bluestone, to exemplify the importance of regulation when trying to implement a cloud computing strategy. The multi-national financial services company leverages iland’s Disaster-Recovery-as-a-Service (DRaaS) with advanced security to ensure IT resiliency as it transitions towards its ‘cloud-first’ strategy. According to Bluestone’s global head of IT operations: “Having a cloud-based disaster recovery solution that helps Bluestone to meet Financial Conduct Authority regulations and ISO 27001 standard requirements is essential. iland supports us with advanced security and compliance reporting that speeds up and significantly simplifies our compliance processes.”
The fact of the matter is, in today’s world, compliance isn’t just about satisfying regulations – it’s about staying ahead of threats and assuring end-customers that their data is safe. And this is never more important than when individuals’ money is at stake.
As well as simplifying industry compliance, cloud services also provide Bluestone with a number of other tangible business benefits that include:
- The avoidance of downtime and simplified DR management – The organisation can quickly recover from any IT incident, achieving recovery time objectives measured in minutes and recovery point objectives measured in seconds. iland’s intuitive cloud management console enables Bluestone to execute failovers and view and manage DR resources, delivering all performance, security and costing information within a single interface. Further to this, the Bluestone team can perform full, non-intrusive testing of the DR solution on demand via the console with no impact on operations.
- The protection of customer data with integrated advanced security – In the event of a failover, Bluestone’s workloads are protected against emerging IT threats with advanced security integrated into iland’s DRaaS offering. Features include antivirus and malware detection, vulnerability scanning, whole disk encryption, SSL-VPN, intrusion detection and prevention, event logging, deep packet inspection and other advanced capabilities. The Bluestone team also accesses on-demand security reports at the touch of a button through the iland cloud console.
- Reduction in IT resiliency costs by 40 percent – Thanks to iland’s straightforward pricing model, Bluestone only pays for compute resources when it requires a failover. As a result, the company has achieved a reduction of 40 percent in the overall cost model of its DR solution.
Cloud services clearly have the potential to help companies within the financial services sector to protect essential IT systems and innovate in the digital age. However, it is often the case that these companies simply don’t have the resources to be experts in all things IT. The key is in choosing a strong and trusted service provider that will be able to work alongside the organisation to ensure its needs are being met, whether that is in relation to security, compliance, backup or costs, so that it may focus on continuing to delight customers with innovative financial services.
Read more: Four nines and failure rates: Will the cloud ever cut it for transactional banking?