Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


 Migrating to the cloud is often considered a complex undertaking for financial organisations, especially with the diverse range of perceived risks associated with it. However, Nathan Johnston, from cloud computing IaaS provider Memset says measures like vendors securing respected and standardised CESG accreditation helps bring much needed confidence to the market.

Accreditation Brings Much Needed Confidence To Financial Cloud Computing
Accreditation Brings Much Needed Confidence To Financial Cloud Computing

Financial organisations have shunned away from the cloud for many years, missing out on the massive efficiencies and cost savings that can be gained from having access to on-demand, scalable IT resources. However recent improvements in cloud security and a wider variety of applications becoming available means this industry is set for significant growth.

So why haven’t financial institutions adopted the cloud as quickly as other industries? The confidential nature of the data processed through this kind of IT solution can cause business leaders to worry about outsourcing their requirements. Privacy and data protection are of high importance to financial institutions, often with huge monetary fines in place for breeching regulatory requirements.

Also, the lengths to which the National Security Agency (NSA), and other US law enforcement and security agencies, have exploited the Foreign Intelligence Surveillance Act (FISA) and Patriot Act to snoop on foreign electronic data have severely hampered cloud adoption.

Financial firms are further impacted by worries around availability, vendor lock-in and compliance.

Overcoming Challenges

Private Cloud: Financial organisations might want to consider using a private cloud for peace of mind over data being compromised in a public cloud scenario. For example, traders would be extremely nervous about having their proprietary trading strategies in the cloud in case a competitor on the same cloud could gain access to it. Since financial services operate in a highly regulated environment, a private cloud solution would bring added reassurance when moving data to the cloud.

UK-based Vendor: Using a fully UK-based cloud vendor with UK-based data centres and also a UK head office will ensure the data that you put in the cloud is protected from the NSA and the Patriot Act.  If you use a US vendor, even if they have a dedicated UK office – they are still subject to the demands of the NSA, meaning they can hand your data over to the US authority at any time – despite what agreements they have in place with you.

Availability: IT managers are also concerned about the availability of applications deployed on the cloud.  Make sure you carefully check a vendor’s Service Level Agreement (SLA) that will set out guaranteed uptime and so on.

Vendor Lock-In: Most cloud providers provide access to their resources through proprietary APIs. If you wish to switch to a different cloud vendor you are often faced with high costs to actually get your data out in a usable format.

As Memset’s entire Infrastructure-As-A-Service platform is built on open source software, data can be moved quickly and easily across many different cloud providers if required, helping to alleviate vendor lock-in.

Compliance:  As there are no definitive regulations on how financial companies can use the cloud, the security accreditations gained by IT vendors can provide added peace of mind that they have the security and systems in place to keep your data safe.

For example, Memset have secured CESG accreditation for our cloud infrastructure up to Impact Level 2. This involved undergoing vigorous penetration testing by a third party who are tasked with trying to hack into and break our infrastructure.  We easily passed this test and our systems were approved to hold secure government data.

Penetration tests are done annually and the PGA who carry out the accreditation process also check that the vendor has the relevant internal policies and procedures in place and staff are checked under the baseline personnel security standard for IL2, and Security Clearance checked for IL3 to ensure protection over systems and sensitive data, which is especially important for financial services.

Looking for a supplier holding IL2 or IL3 accreditation should give you further reassurance that your data will be safe.

If you are a financial services organisation that heavily relies on IT enabled services you can benefit massively from cloud computing. Cost savings, scalability, faster deployment times and increased mobility are just a handful of benefits that the cloud can bring to your organisation.