Migrating business data to the cloud has been like a universal cure for a lot of businesses.
Having vital information in the cloud allows a company to spend less on IT and infrastructure, which they can put into other projects. It also allows their employees to access that information from anywhere, discussing a job with clients onsite rather than being restricted to the office.
Financial Institutions, such as banks, accountants and wealth management offices are now looking into the viability of moving your financial information to the cloud. This could mean either public, private, hybrid or community clouds as a viable place to store data. Cloud-based business is becoming the norm today and allows for plenty of flexibility and scalability in storage. But this also presents a unique set of challenges and risks that have to be addressed.
Migrating this sensitive data has inherent external obstacles and risks that these organizations need to understand and plan for. There are also in-house factors that each individual organization must deal with. These in-house problems can lead to hasty planning that can result in poor implementation. Moving to the cloud for these organizations has to be seen as not a competitive advantage, but as a necessity. However, before making the move, these companies need to be aware of the benefits as well as the downfalls of each cloud type and what it does with their data. Some reasons for the delay in acceptance of the cloud include:
- Security in the cloud. Public clouds offer smaller costs and discounts, but their data may not be as secure as they would like. Although many cloud operators receive security certifications and offer encryptions, they still may require another level of security for the cloud to be a consideration. Cloud access security brokers (CASB) may be another technology that financial institutions would need to adapt to make the cloud viable for their information. CASB is a service that would sit between the financial institution and the cloud infrastructure. It’s like a gatekeeper of sorts; it allows the organization’s security policies to reach beyond its own infrastructure to the cloud. “By 2020, 85% of large enterprises will use a cloud access security broker platform for their cloud services,” according to the “Gartner Market Guide for Cloud Access Security Brokers” from October 2016.
- Visibility into the cloud. Financial institutions won’t even consider moving over to a cloud-based platform until they are assured to have the features that they want. Some of those features include auditing capability, transparency, and real-time log access. These financial institutions would require as much access and input into their cloud files as they do in their own onsite infrastructure. CASB, for instance, would give the institutions access to user data from their employees as well as anyone who accessed that information from any user or device.
- Legal and compliance requirements. Financial organizations have to operate under a strict regulatory structure that imposes regulations on how they operate and how they secure their operations. Any potential issues could result in penalties if something is found during an audit. Organizations have to perform their due diligence for anything that is outsourced. Sending data to the cloud is considered a form of outsourcing. CASB’s help with security, too. They have the ability to perform highly sophisticated misuse and threat detection, as well as the option to block at the user, object and device level.
- Availability of the cloud. The worry of availability of cloud vendors is a worry shared by financial organizations. What happens if a vendor goes out of business? What if the vendor services are down for extended periods of time and the organization loses access to its data? These are two big and very real concerns that organizations have to deal with. If an organization has time-sensitive agreements or settlement applications, will the platform be able to accommodate them? Then there is having to move platforms. If an organization has to move from one vendor to another, they most likely will have to pay to adapt to a new platform switch. While the applications that run in a cloud environment will run from one platform to another, the dashboards are usually specific to a platform, so a new dashboard would have to be adopted.
- Is there a business purpose for the cloud? The most likely reason for a financial organization not adopting the cloud could be that they simply haven’t found a business reason to move to the cloud. Whether or not the cloud is the norm for everyone else and the technology of the future, if it doesn’t make sense right now for the organization to use it, then they won’t. As with any technology, it should be used to perform or achieve a business goal, not just to say you have the latest new technology.
So what is a financial organization to do? If the organization is considering the cloud, maybe they can try a smaller move of less critical data to a private cloud as a test. This could give them insight into the security of their data and the viability of the platform. Some organizations would then have the confidence to pursue the development of a cloud-based migration strategy.