Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites.
Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. For avoidance of any doubts and to make it easier, you may consider any links to external websites as sponsored links. Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Cloud adoption in the financial service sector – a storm warning

The ongoing mass migration to the cloud shows little sign of slowing. According to IDC, by 2025 49 percent of the 175 zettabytes of data worldwide will be stored in public cloud environments as organisations realise the benefits of using IaaS, PaaS and SaaS. The financial services sector is no exception when it comes to cloud adoption, with cloud use increasing by 43 percent between 2017 and 2019.

However, while cloud can give significant benefits, it also introduces new challenges– many of which can be unforeseen. For instance, many financial services organisations are choosing to handover the responsibility of backup to their cloud providers. Yet there is often a clear gap between backup policies that cloud providers find acceptable, and ones that fit the obligations placed on financial organisations. Organisations that aren’t aware of any gaps can place themselves at serious risk of data loss and even non-compliance.

Backup services lost in translation

Barnaby Mote
Barnaby Mote

The reasons for FS investment in the cloud are clear and numerous – from improving the scalability of infrastructure and applications, to saving costs and time when implementing new applications or infrastructure. Another frequently identified benefit is being able to hand over responsibility for backups, which have paradoxically become ever more complex as cloud adoption increases. As such, any opportunity to pass on responsibility will seem attractive to many FS organisations – especially if it’s as part of an existing service, meaning the cost and complexity of sourcing, setting up and then paying for a new and separate service are eliminated.

However, there is currently a gulf between perception and reality when it comes to organisations’ backup needs and the services offered by cloud providers. In a recent survey carried out by 4sl, for instance, only a quarter of financial services organisations claimed to know their cloud providers’ backup provisions in detail, whilst 36 per cent of firms using AWS and 43 percent using Office365 wrongly believed that their data would still be available long after it’s gone. At a glance, this may seem of little importance. However, when we consider that the ability to demonstrate data availability is such an integral element of meeting regulatory obligations in the sector, the risks become apparent.

What are the risks?

The truth is that many cloud providers’ out-of-the-box backup services will not match the regulatory requirements that financial organisations have to meet when it comes to holding data. Quite simply, there are wide variations in the backup and recovery capabilities of cloud services and few provide even the most basic provisions by default. Where backup can be added on, the data is always held by the provider; not an ideal situation for organisations concerned about having all their eggs in one basket.

By assuming that cloud providers’ backup policies meet rigorous regulatory demands, FS organisations are putting themselves at serious risk of data loss and even non-compliance – which could in turn lead to fines, other disciplinary action or even reputational damage. Organisations within the heavily regulated finance sector should not leave backup to chance. So, what can they do to gain more control?

Bridging the gap in understanding

FS organisations have a few options available to them. One potential route is to do the legwork to understand what each provider offers and configure accordingly – a course of action that is possible but could be time consuming for firms using multiple cloud services, as many do.

A second option is for financial services organisations to use a separate technology or service that ensures corporate standards can be applied consistently across the board, from mainframe to micro-services. Whether this is done in-house or as part of a separate third party service, the most important thing is that data is kept secure and backed up regardless of the organisation’s approach to infrastructure. Ultimately, it’s down to each organisation to understand what best suits their individual business.

From fintech to the growing cyber threat, the financial sector already has enough challenges on the horizon. Not knowing whether cloud data is at risk need not be added to the long list. With data finding its way into increasingly diverse on-premises and cloud locations, the solution to this challenge is in sight for those who choose to look.

By Barnaby Mote, CEO, 4sl