Financial services might have been slow in embracing public cloud initially, but they now are making up for lost time. Doing so effectively, however, requires a rigorous and comprehensive change strategy to maximize benefits while minimizing risk. As best practices emerge to guide firms’ journey to public cloud, here are four ways to ensure your move to the cloud is effective.
Ready or not, public cloud is coming to financial services. According to research from TABB Group, one in four financial services firms are planning on moving workloads to the public cloud in 2019, and the majority of firms will be increasing their cloud spend this year. Financial services might have been slow in embracing public cloud initially, but they are now making up for lost time.
In our white paper, “Securing PII Data in the Cloud for Financial Services,” we looked at one fintech “unicorn” that was able to move sensitive data for its 80-plus million customers to public cloud. From this experience, we have defined a set of 11 best practices to guide the journey to public cloud. Covering everything from foundations to dashboards, these best practices serve as helpful guideposts to inform a public cloud program. Below we’ve broken down four ways to make your move to the cloud effective:
1) Change your focus and approach. A traditional data security orientation is based on the notion that no amount of protection is sufficient and that a distinction exists between data and attack surface. These notions are abandoned in a public cloud deployment and replaced with a sophisticated approach to data classification that ensures the protection of your most sensitive resources as well as a change in philosophy that relies on vigilant software-defined protection. The result? Total defense that is based on a zero-trust/always verify model.
2) Consider security in a hybrid model. It may seem obvious, but the cold, hard reality is that it is not possible to make a 100% move to the public cloud in one short, swift leap. In fact, each situation and application should be analyzed on its own merits and decisions made based upon cost, flexibility, business drivers and more. This hybridization of resources can lead to increased complexity, making compliance and security all the more important. Fortunately, the advanced technologies that are associated with public cloud go a long way in helping address this situation.
3) Embrace opportunities for exponential change. New technology such as public cloud carries with it the additional possibility to make other, fundamental changes that alter work in a way that delivers exponential gains. This is the case with public cloud and infrastructure automation. While it might be possible to achieve such gains without public cloud, the power of the technology combined with a comprehensive enforcement and change management orientation that utilizes seamless deployability can yield exceptional results.
4) Get to the heart of the matter: data. Data is the fuel that drives the modern enterprise and also the source of the greatest increases to both cost and risk. Fortunately, the tools, processes, and procedures of robust public cloud services provide the means to tackle the data issue. Not only is it possible to achieve greater results, but it enables increased security at the same time. Important facets of such an effort include sophisticated redaction and encryption of data as well as managed solutions for data loss prevention and resiliency.
The emergence and growth of cloud resources has made a profound impact on all businesses, and the financial services industry now stands poised to embrace public cloud in a big way. Doing so effectively entails more than a simple “lift and shift” mentality; instead, it requires a rigorous and comprehensive change strategy to maximize benefits while minimizing risk. The future is digital, and the enterprise needs to invest accordingly in order to compete.
Additional articles from Maven Wave on public cloud in financial services: