By Brian Forster, Senior Director, Fortinet
From large banks to insurance companies, financial services organizations are leveraging the cloud to stay ahead of the competition and deliver the best customer experiences that they can. Bloomberg reports that 25 of the world’s 38 largest financial institutions and insurance companies have signed up with Microsoft’s cloud business and are beginning to put applications in the cloud.
Some banks are moving entire systems and platforms to the cloud, while others are just moving pieces and keeping the rest on internal infrastructure. Either way, these organizations need to make security a priority, which oftentimes leads to the adoption of a cloud security provider. But, with today’s dynamic virtual environments, what should the financial services sector look for when selecting a vendor?
Four cloud security must-haves include:
- Data Security
- Visibility and Control
While these must-haves seem obvious, it is important to keep them top of mind as institutions consider these options in the cloud.
- Data Security
Because data is the lifeblood of financial services,security and regulatory compliance — combined with the threat of reputation damage, financial impact and loss of business—make data security priority one. In fact, according to the Cloud Security Alliance (CSA), data protection is the chief concern among financial institutions that are shifting work to the cloud.
This concern typically arises as soon as financial information transfers outside the organization’s walls, and they feel as if they’ve lost control. So, before all else, financial institutions should start their cloud security selection process by evaluating the security measures that providers have in place, and make sure they meet or exceed requirements. Independent certifications like those provided by NSS Labs and ICSA can be helpful in this process.
There was a time recently when it seemed like a longshot for any financial organization to move to the cloud. However, scalability and agility make it a tough option to ignore. By embracing cloud services, information and applications can be accessed from anywhere at any time. Additionally, the cloud allows financial institutions to evolve without making cumbersome investments in infrastructure or human resources.
While it’s important to think about the business benefits of moving to the cloud, organizations have to remember that their security solutions must be just as flexible and scalable as the cloud itself. As the financial landscape and requirements change, organizations need to be able to make changes (when needed) to security solutions in place as well. A reliable cloud security provider will offer end-to-end security for both virtualized and physical environments.
- Visibility and Control
The loss of financial information or customer data can present organizations with serious ramifications and can severely harm reputation. As financial organizations become more digital than ever, control over data and security is paramount.
Cloud security providers in the financial services industry should offer users the ability to review network activity (including security threats) as needed and from a single location, in an effort to keep security breaches at bay and overall costs down. Visibility and control in the form of reporting capabilities lets organizations be proactive, rather than reactive. These reports should come in custom and preconfigured variations, and the ability to receive them on-demand is a must.
Today’s financial organizations need open security solutions managed from a single pane of glass to allow security and network operations—as well as data, including threat intelligence—to be shared across environments, from the IoT to the cloud, to provide better protection. With these types of open and expansive security fabric solutions, financial businesses will be able to evolve and address all the threats that can be faced across today’s landscape.
An open cloud security solution is more than just a suggestion. It should be a requirement for any organization evaluating cloud security vendors, and it should be part of the foundation of any security strategy as well.
Choosing Wisely for a Secure Future
Financial services organizations are shifting applications to the cloud, seeking the efficiencies and cost reductions this move holds. However, with cybercriminals eager to get their hands on financial data, security is paramount – making it more important than ever to vet cloud security providers. There are many providers available on today’s market, so before investing, it’s important to remember to look for each of these four core elements. Doing so will provide peace of mind that legal requirements are being met while creating a more secure data environment and the possibility for easy scaling.
About the author:
Brian Forster is a senior director at Fortinet, where he oversees and manages all aspects of the financial services vertical, including thought leadership, demand generation, sales enablement and account-based marketing. Prior to Fortinet, he held a leadership role at Juniper Networks and has spent most of his career within the high tech industry, including three years at Accenture and seven years at IBM in a variety of positions. He is a graduate of Pomona College with a B.A. in Political Science and an M.B.A. from Goizueta Business School at Emory University.