Banks Securely Moving to the Cloud
Some fundamental principles of securely moving financial applications and data to the cloud.
Join the DZone community and get the full member experience.Join For Free
Thinking about following the industry leaders into the cloud? In a previous post we talked about why banks like Capital One are moving to the cloud so quickly: cost-cutting, rapid deployment, ability to adapt and innovate, and security.
In 2017, we expect to see more and more enterprises taking their “crown jewels” to the cloud, and that includes banks that have been watching from the sidelines or dipping their toes in the water, waiting to make sure everything would go off without a hitch.
If your organization has seen the light and is ready to get on board with the cloud, here are three fundamentals that will help make it a painless transition.
1. Consider a Multi-Vendor Cloud Approach
Even for the most pro-cloud companies, relying on a single cloud vendor can feel risky, and for good reason. If you’re all-in with a single vendor and something goes wrong, you could be in serious difficulty. But while it can be scary to trust your critical applications to a third party, the benefits greatly outweigh the risks, and to further mitigate risks, you can adopt a multi-vendor approach.
Many of the larger banks look to a combination of the top three players — Amazon’s AWS, Microsoft’s Azure, and Google’s Cloud Platform — for their infrastructure needs. World Bank, for example, uses all three. This way, they’re not beholden to any one vendor, so risk is decreased, and each vendor can be leveraged for the services that are the best fit for their requirements.
2. Create a Migration Plan
While many banks are becoming comfortable moving their “crown jewels” to the cloud, others are not yet ready for various reasons, and that is understandable in a new computing environment. But when the time comes, a detailed migration plan is essential to cover everything from high-level strategy to requirements analysis to roles and responsibilities, technology selection, deployment, and beyond.
Begin by identifying which applications, data, and teams are ready for the cloud and start there. Once stakeholders are comfortable with the tooling, processes, and security of those assets that are to be moved into the cloud, you can start moving more sensitive data and applications, like transaction databases or customers’ personally identifiable information.
A step-by-step approach like this can be of tremendous value in overcoming reticence and in obtaining long-term buy-in to the cloud organization-wide.
3. Gain Visibility Across Tools and Vendors
In the cloud, data travels and is processed differently, files are accessed in new ways, updates occur faster, and threats proliferate in unexpected ways. To account for all these differences, you need a security solution built for the nuances of the cloud. Not only that, but if you are using multiple vendors such as Amazon, Microsoft, and Google, you need a way to ensure security and visibility of data across all environments, including hybrid environments as you transition to the cloud.
While each of these services comes with a basic level of security, remember the shared responsibility model. This says that security of the cloud (infrastructure) is up to the vendor(s) while your responsibility as a financial institution is security in the cloud (your data and users). To be a responsible steward of this data, you need to employ additional security tools that give you visibility across environments, users, and data sets. The best way to do this is by using a cloud-agnostic continuous monitoring platform to streamline and simplify security.
With an integrated platform such as Threat Stack’s Cloud Security Platform®, for example, banks are able to gain visibility across all cloud vendors (including visibility into hybrid environments), all in a single dashboard. This enables them to see what’s happening when and where, so they know when an issue arises and can take appropriate action immediately.
The caution that has characterized the banking industry’s approach to the cloud is understandable. On the other hand, the opportunity to develop new business models, streamline operating procedures and costs, add greater customer-centricity, and be able to adapt to shifts in the competitive and regulatory landscape are undeniable attractions to moving to the cloud.
And given the fact that cloud security has matured significantly over the last half decade, players in the banking industry, and more broadly, in the fintech sector, can now confidently move to the cloud to take advantage of its possibilities.
Published at DZone with permission of Jim Crowley, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.