By Stuart Jubb, head of consulting at Crossword Cybersecurity, looks at how fintech start-ups can maintain their agility while reducing risk with supplier assurance
The bar of entry to becoming an operator in the financial services industry is understandably high as it is necessarily heavily regulated. The UK financial sector has evolved rapidly over the last five years with the growth of fintech businesses looking to drive innovation into the banking industry. As well as developing technology, new entrants must pay great attention to meeting the requirements of the regulators as well as ensuring that a ‘privacy by design’ approach is taken from the outset. There is a risk that founders might focus all of their energy into the development of innovative and cutting-edge technology offerings, but at the detriment of meeting the demands of the regulator and broader privacy requirements.
Exciting growth that must be regulated
One of the key catalysts for the growth in the Fintech industry has been the Payment Services Directive 2 (PSD2), also known as Open Banking. PSD2 regulations ensure that banks create mechanisms to enable third-party providers to work securely, reliably and rapidly with the bank’s services and data on behalf and with the consent of their customers.
The FCA has been pioneering in encouraging the growth of the fintech sector in London through their regulatory sandbox programme. Since its launch in 2016, 89 firms have so far been accepted to test innovative products and services. The combination of this programme with the PSD2 legislation has seen huge growth in the UK’s fintech sector with investments growing 38% from 2018 to 2019 to a massive $4.9 billion of investments. The development of new and innovative applications and services is great for consumers, businesses and the banking sector as a whole, but each of those groups must protected with the same gusto that the sector is known for. Regulation and legislation in the sector remains far reaching and for new entrants can be complicated to navigate, particularly as they are typically fast-moving start-ups used to working with agile methodologies and utilising a range of open source and third party technology providers to bring their service to market rapidly. This kind of technology supply chain comes with risks that need closely managed, and as we’ll come on to supplier assurance has a key role to play here.
FinTech’s and cyber security
Unsurprisingly, information and cyber security feature heavily across much of the existing legislation that firms will need to consider. Legislation exists in all jurisdictions and the more regions a firm operates in, the more legislation they will need to comply with. In the UK the FCA’s handbook raises security in the section focussed on Processes and Systems (13.7) that in turn is concerned with operational risk. Generally, there is an ongoing focus on Operational Resilience in the UK financial regulatory environment also seen in the Operational Resilience consultation launched by the Prudential Regulatory Authority (PRA) in December 2019.
The services a fintech business is offering and where it operates will define the security regulations it will be required to meet. PSD2, for example, has robust security measures within the legislation. Controls are mandated with organisations having to implement “an effective operational and security risk management framework” and the “framework should focus on security measures to mitigate operational and security risks.” The framework must also encompass outsourcing arrangements where appropriate so if a company outsources any of their service provision to a third party – this supply chain risk must be understood and monitored as well. The framework needs to cover a broad range of security considerations including Risk Assessment, Protection (including Data Systems Integrity, Access Control, Physical Security), Detection, Business Continuity and Testing of Security Measures.
The security themes that we have spoken about so far are part of a number of regulatory standards including, the Payment Card Industry Data Security Standard (PCI DSS) if card data is processed, stored or transmitted by the service. FintTech startups, as well as established firms, must also consider local differences in legislation. For example, those operating out of New York State, must consider the New York State Department of Financial Services 500 series on Cyber Security (NYDFS 500).
There are common themes across all of these requirements because after all, their intent is much the same, to ensure that firms operating in the financial services industry are taking the right approach to reduce the risks of doing business. Firms should look at adopting an industry standard as a baseline to begin to satisfy all the areas of legislation that may apply to them. Many of these regulations draw upon standards such as ISO27001 and if this is used as a baseline, the controls in ISO27002 can be mapped across all the requirements that are applicable to the firm. Fintech businesses are often building APIs and as such must enter the market with the European Union General Data Protection Regulation (GDPR) ‘Privacy by Design’ principle at the heart of what they do.
As an example, from the cyber security specialist perspective, they typically approach these responsibilities as short-term, single-moment-in-time, instant assessments – often required on top of their day job of protecting the organisation’s IT assets and systems. It’s also common that technical cyber specialists are asked about assessing standards, cyber controls and governance – an area in which they may well have no experience. They’ll carry out these tasks as best they can, but won’t always see them as strategically important.
FinTech needs supplier assurance
The key point is that firms need to be thinking about how they build in supplier assurance as part of meeting these security and broader regulatory requirements from the outset, because the problem gets bigger and harder as companies increase their involvement with third parties up- and down-stream in the supply chain.
Technology can automate the supplier assurance process, making it much easier to regularly review that all parties meet the necessary requirements and demonstrate due diligence. Doing so, means companies are not only compliant, but mitigate security risks. It also proves to parties, that systems and data can be connected, to either expand the service, in the case of a technology provider or as a customer of the service. Additionally, when raising funds for expansion and growth, investors are highly likely to undertake due diligence, and an established third-party assurance process can greatly simplify this.
Remember too that good software assurance practices do not just allow you to ensure that your suppliers meet the requirements set by you and your industry. They make it possible for other companies to rapidly have confidence in your organisation, when they are considering a partnership that will make you part of their supply chain.
Third-party assurance matters, and it’s better to start while small using processes and tools that will scale with your fintech aspirations. Growth can be rapid in the sector, with small companies far more agile and able to jump on new opportunity. The trick is to may sure that the processes are in place to ensure that ability to ride the wave does not become your undoing.
Holding Cloud To Account, How Cloud Adds Up In Financial Services
By Dom Poloniecki, General Manager, Western Europe and Sub-Saharan Africa at Nutanix
Cloud computing and the deployment of increasingly cloud-native technologies is happening across every industry vertical. Even in industries where a degree of previous inertia existed such as legal and finance, the drive to cloud flexibility and scalability has become a primary driver for the technology fabric that firms in these markets run on.
As traditionalist operations in the legal trade start to undergo increasing levels of digital transformation, the weighty behemoth systems running financial institutions are also now being carefully and strategically replaced by more efficient, more flexible and more cost effective cloud installations. Now a proud owner of its sub-sector label and hashtag, FinTech is the new financial IT… and FinTech was born on the cloud.
As part of the Third Annual Enterprise Cloud Index report by Nutanix, a specific analysis of the 3,400 IT decision-makers questioned is now dedicated to examining how financial services organisations are using cloud technologies. Looking at the key data points related to Financial Services, we can start to understand the implementation, workload separation and (in most cases still, as of 2020) the migration issues that these firms are experiencing.
In the world of Financial Services cloud computing, the importance of an integrated and intelligently managed hybrid framework can not be overstated. Financial operations can of course draw upon the resource backbone of public cloud for their foundational operational technology requirements. However, they often still need to run a carefully deployed private cloud footprint commensurate with the privacy and security needs of any organisation operating in the financial sector.
The central importance of hybrid
Hybrid cloud and the use of Hyperconverged Infrastructure (HCI) is therefore a key cornerstone for Financial Services hybrid cloud development. This is the route to a cohesively managed hybrid cloud environment, where workloads are optimised according to the security, performance and compliance needs arising from the use case of the data and applications at hand.
The Nutanix Enterprise Cloud Index findings back this reality up and show that the majority (86%) of financial services respondents identify hybrid private/public cloud as the ideal IT operating model for their organisation. So much momentum is there now in this space that financial services companies are running more applications in private clouds than most other industries polled. Their reported usage of private cloud (39%) outpaces all other industries except for IT, tech and telecoms (40%).
As a further validating and driving factor here, HCI is the lower substrate technology behind the big public cloud offerings from Amazon, Google and Microsoft. So HCI and the wider hybrid approach is no longer perceived as ‘just’ a route to cost savings, which perhaps it was as recently as half a decade ago; it now represents an important enabling and facilitating technology to reduce complexity and increase scalability. In the hybrid cloud world where cost is no longer the main driver for cloud implementation, we can say that we have moved on to a point where we identify the ability to ‘achieve business outcomes’ as the primary driver.
HCI for modernised financial challengers
Given the growth of so-called ‘challenger banks’ shaking up financial services with new online services, extended customer loyalty offers driven through dedicated mobile banking applications and other fast-moving business models, traditional financial institutions have realised that they need to become altogether more agile.
Adopting hybrid cloud in Financial Services allows even older and more established firms to build scalable and easily managed private clouds as part of a hybrid cloud model. This scalability can be engineered for rapid growth when and where it happens, but it is also scalability that enables financial organisations to rein in compute resources serving banking products that have proved to be end-of-life and ultimately laid dormant or retired.
It’s important to remember that, as powerful as it is, cloud can still be a complex consideration, especially when aggressively deployed in an essentially hybrid mix of public and private cloud instances. The Enterprise Cloud Index found that for every aggressive hybrid design being deployed, there is an equally aggressive drive to deploy Hyperconverged Infrastructure (HCI).
This is because HCI helps accelerate cloud adoption by sharply reducing the time it takes to build the software-defined infrastructure necessary to support private cloud. It also supports the rapid capacity expansion that enables the scalability benefits of cloud technology. Nearly 50% of the financial sector respondents said they’ve either fully deployed HCI or are in the process of doing so. Another 38% said they will be deploying HCI within the next 12 to 24 months.
It is difficult not to mention the impact and legacy of 2020 and the global pandemic on the financial services technology market space. More than three quarters (78%) of financial services respondents said Covid-19 has caused IT to be viewed more strategically in their organisations. In addition, 50% of financial services respondents said they increased their investment in hybrid cloud as a direct result of the pandemic.
Choice: from the bank teller to the backbone
The key point we keep coming back to here is choice. As financial institutions will be working to offer corporate and individual customers the widest choice of products and services, so too will they need to gain choice of operational compute fabric in the shape of the cloud deployments that they do actually make. More specifically, it’s about these Financial Services businesses having the flexibility to concentrate on the delivery of strategic business outcomes quickly, easily and – crucially – without the need to keep within the limitations of a particular supporting IT model.
As previous Nutanix surveys have shown, companies consistently express a desire for the ability to run workloads in the infrastructure best suited to them, based on a variety of criteria. Be that wanting to enhance security; rapidly on-board new apps during takeovers and acquisitions; reach new markets with different compliance needs and so on.
Over the next five years, financial services organisations expect a significant drop of 13 percentage points in their use of non-cloud-enabled datacentre technology, taking them down to less than 1% penetration. As in almost all aspects of life, some products, tools and processes that we took as standard parts of the way the world works are eventually superseded.
Nobody uses a ‘flatbed slider’ paper-slip credit card reader anymore to take a payment – and nobody will use non-cloud financial services IT functions in the very near future. There may be a few archaic legacy hangers-on, but they’ll be nothing more than the exception that proves the rule. Hybrid cloud for our Financial Services’ future? That’ll do nicely.
First of a kind Virtual Coffee Machine app with social meeting moments to support workforce wellbeing in a remote workplace
Powell Software’s first in a series of wellbeing technology innovations help remote employees socially connect with colleagues and keep the workplace culture alive
As the third UK lockdown continues and many countries worldwide face severe restrictions, Powell Software, a global organisation creating digital solutions and tools for the digital workplace, has launched the first of its kind Virtual Coffee Machine, an application within Microsoft Teams to ensure employees stay better connected, positively engaged and take regular breaks while working from home.
With employee wellbeing at the top of the global workforce agenda for 2021, Powell’s Virtual Coffee Machine app positively connects employees through virtual chats to maintain a culture of togetherness, even when apart.
Replacing the absence of the in-person coffee catch up, HR can swiftly set up a Virtual Coffee Machine break within any Teams channel, encouraging employees to take regular short breaks while inspiring networking and socialising between colleagues.
Matthieu Silbermann, Chief Product Officer at Powell Software said: “The effects of the Pandemic have reshaped the Digital Workplace and research has found that three quarters of employers intend to shift some employees to remote work permanently. However, with one in five remote employees naming loneliness as their top complaint regarding work from home, reinforcing togetherness needs to be a top priority.”
Take a virtual coffee
HR can set up a Virtual Coffee Machine meeting within any Teams channel defining time, frequency and date, and number of people. The app then uses an algorithm that collects data from employees registered in Powell Teams, automatically comparing outlook calendars and generating meeting invites based on the criteria of the meeting. For example, if the Virtual Coffee Machine meeting criteria was set at a maximum of five people and ten people are available to join then two meeting invitations would be sent.
Virtual Coffee Machine consciously avoids one to one or full team meetings, focusing on creating intimate, short social breaks where employees can take time out to engage with colleagues in a positive digital space. Colleagues can also ‘travel’ to differently located virtual offices across their organisation to meet colleagues for a coffee break in different virtual buildings.
Employees are unaware of who else will join the group until the event, to encourage different team members to meet, chat and get to know each other. The app automatically books an agenda and also suggests ice breakers like ‘what was the last film you saw or book’?
If a team member does not want to or cannot join a Virtual Coffee Meeting, they simply decline the meeting invitation.
Silbermann continues: “Powell Software is passionate about connecting employees to their organisation and to each other, ensuring that they have a positive and stimulating experience at work, every day. Remote workers need to be connected, they need to feel part of the company, the culture and feel able to socialise in the hybrid or remote workplace.
“Powell’s new Virtual Coffee Machine app is all about the employee. We all miss the little social moments at the office, whether they be at the coffee machine or the cold water fountain. Coffee Machine allows us to progressively see our workplaces positively come to life again in a virtual way, promoting connectivity, collaboration and employee wellbeing. It’s part of a bigger goal and series of initiatives to bring the virtual building to life.”
Top 5 Ways To Lose Your Video Files
There are lots of reasons why you can lose video files in your system or device. While some of these problems are avoidable, others are inevitable. Simply put, it is only a matter of time before the latter problems will be experienced. The major challenge is that most people don’t understand why their video files are either missing, damaged or deleted.
Are you amongst those mentioned above? Do you always ask why a video file can get lost, deleted or damaged? Don’t waste time to rack your brain on a such topic/matter. This is because you have come to the right place. This well-researched blog will provide you all the top reasons why you are losing your video files. Before thinking about which video recovery software to start using, it is recommended you know why files are getting lost in your system.
This is a common problem that is responsible for loss of data. However, most people are yet to discover it. Have you ever noticed any situation whereby there is sudden power outage in your system? Simply put, your system suddenly shuts down. In such case, applications and other files (photos, videos, audios and doc) will be closed without any prior warning. The implication of this is that your video files are likely to get damaged.
You may want to argue that systems come with batteries. Therefore, there will not be a problem of power shut down. This is not true in any way as power shut down can happen due to some reasons. It could even be that your system is malfunctioning. Even when your video files are not damaged through such incident, there is every chance that your hard drive will be adversely affected.
Faulty hard drive
If your hard drive is damaged due to one reason or another, there is every chance that your video files will be lost, damaged or deleted. Most of the cases related to data losses can be traced to malfunctioning hard drive. In case you don’t know, hard drives are very fragile. They can easily become faulty because of poor handling. If your hard drive crashes, it is recommended you find out what must have led to such problem. Trying to use a data recovery tool without knowing the root cause of the problem won’t do any good.
There are numerous factors responsible for a faulty hard drive. These could be hot system, frequent crashing, constant freezing, slow processing speed, booting up issues. The longer you ignore these problems; that is how your hard drive will be further damaged. This will in turn lead to loss of video files.
The truth is that as humans, we are always bound to make mistakes. These could sometimes prove very costly since they can bring about loss of video files. There are cases when important business files have been deleted mistakenly in the past. Human errors are very common. They can bring about formatting of hard drive, data loss and repair of system.
The only way to avoid this problem is to ensure you understand files to be deleted or retained. Most people don’t read messages displayed in dialogue boxes before clicking on “Delete” buttons. This is an easy way to delete important video files without knowing.
Computer virus is one of the major reasons why people lose video files. Just as the digital world is becoming increasingly popular, viruses and malware are also waxing stronger. One of the most notable causes is when you begin to explore unsecured websites. It can also happen when corrupt files are downloaded and installed in your system.
When your system has been compromised by viruses and malware, there is a very high chance of losing vital files like doc, videos, audios and photos. You will try to open these files but they won’t respond. The best way to overcome this problem is using anti-virus software. This will help to monitor your browsing habit online.
Hard drive formatting
This happens to be another major cause of data loss. Most people format their hard drive without backing up vital files. In the end, these files are lost. Without the help of a paid or free recovery software, you may struggle to get back such data.
It is recommended that you backup important video files before initiating such a process. There are lots of ways to do this. For instance, you can use an external hard drive or even store such files online. This will save you the stress of spending unnecessarily on a data recovery software.
When it comes to losing your video files, there are lots of reasons which could be responsible for such problem. The tips shared above can help you to a great extent. All you have to do is ensure they are avoided.
This is a Sponsored Feature.
Holding Cloud To Account, How Cloud Adds Up In Financial Services
By Dom Poloniecki, General Manager, Western Europe and Sub-Saharan Africa at Nutanix Cloud computing and the deployment of increasingly cloud-native...
What’s in store for Financial Services in 2021?
By Miroslava Betinova, Head of Strategic Sales at PPS If there is anything that 2020 taught us, it is the...
Iron Mountain 2021 Outlook
By Stuart Bernard, VP of Digital Solutions at Iron Mountain The Covid-19 pandemic is continuing to rewrite the rules governing...
Capital Markets: The Last Frontier for Digital Transformation in Financial Services
By Dr. Avtar Singh Sehra, CEO, Nivaura The last decade has seen financial services undergo vast digital transformation. New technologies...
Worldline launches Data as a Service platform for online payments
The new service enables users to do more with their data and is paving the way for a more insightful...
Jack Henry shares six areas of focus for financial institutions in 2021
Reflecting back on 2020, the community banking and credit union industries should be proud of how this unprecedented pandemic and...
Voice Quality Matters: Quarter of Employees Working From Home Still Experiencing Regular Connectivity Issues
-Survey of 1007 SMEs in the UK by Spitfire Network Services Ltd reveals pain points for employees working from home-...
Employee Ownership Trusts increasing in popularity amid a backdrop of continuing uncertainty
With 2020 behind us, the impacts of the COVID-19 Pandemic and Brexit are still being felt throughout the economy, and...
Open Banking: the perfect pandemic tool – Equifax comments
With COVID-19 related financial fallout set to dominate the credit landscape in 2021, Dan Weaver, Open Banking Expert at Equifax...
How can we benefit from mandated e-invoicing?
By Mark Stephens, the CEO of Blackstar Capital Electronic invoicing is at a tipping point. On the one hand, only...