Foration Blog

Cloud security for financial services

Paul Weeden

Written by Paul Weeden

Founder & Managing Director at Foration. IT and technology fixer.

[fa icon="clock-o"] 4 February 2015 [fa icon="user"] Paul Weeden [fa icon="folder-open'] security, cloud

Technology is a key driver of competitive advantage. The cost and flexibility benefits of Cloud computing are well documented and available to all businesses, including those operating within regulated industries, such as financial services.

Ensuring compliance with regulatory bodies, such as the Financial Conduct Authority does not rule out Cloud computing, it simply requires appropriate due diligence and risk management. When implemented correctly, Cloud solutions can deliver superior levels of security, data protection and availability compared to in-house systems.

Key considerations for financial services

  • Data Security: Selecting a reputable Cloud provider will help minimise security risks. Your provider should be able to demonstrate their security measures and, as a minimum, be ISO 27001 2005 accredited.
  • Access & Audit Rights: FCA regulators are entitled to access your information in an open, timely and cooperative manner. Cloud providers should accept this access and include it within their written contracts.

Cloud provider selection

As with any outsourcing agreement, selecting the right provider is key to protecting your business. The guide below provides a simple Cloud provider checklist to help with your selection process.

Selecting-a-Cloud-Provider

Enhancing your data security

Despite the perceived security risks surrounding Cloud computing, reputable providers can actually deliver enhanced Cloud security for financial services. This is increasingly recognised and reflected in the growing take up.

Examples of this enhanced security include:

Email-Security Email Security Whether you use on-premise or cloud email, your systems could be at risk if your email is unsecured. Cloud providers, such as Mimecast, deliver enhanced email security, continuity and archiving services, protecting your business from malware, downtime and data loss. In addition, all data is guaranteed to reside in the UK.
Data-Protection Data Protection Protecting your business from downtime can save you time and money. Online business continuity solutions minimise data loss by taking regular server and data backups. These are quickly recoverable and stored across multiple locations to reduce the risk of data loss associated with a single point of failure.
Data-Encryption Data Encryption Protecting your data from potential breaches is important and encryption provides the highest level of security. By encrypting your data before it's stored in the Cloud, it is then rendered meaningless to third parties. When combined with logs and audit trails, you can rest assured that your data is secure.
Hybrid-Cloud Hybrid Cloud Moving to a hybrid Cloud gives you the flexibility to store confidential data in a private cloud, whilst keeping less sensitive data in a public cloud. This "best of both worlds" scenario allows you to enjoy the security and control benefits of a private Cloud, combined with the cost and flexibility benefits of a public Cloud.

Cloud computing is here to stay and growing in popularity. With appropriate due diligence, firms can enjoy all the well-documented cost and flexibility benefits, whilst meeting their confidentiality, security and service needs.

Click here to find out more about our services.

 

Free whitepaper: Improving your IT security

Guide-to-Improving-IT-Security---Whitepaper

Paul Weeden

Written by Paul Weeden

Founder & Managing Director at Foration. IT and technology fixer.

Subscribe to our Blog

Recent Posts