Banks Pursue Mixed Cloud Strategy

Much of the financial sector is still trying to come up with a cloud migration strategy, but those businesses attempting to implement one are leveraging both private and public clouds, according to a survey by the Cloud Security Alliance.

Not surprisingly, the security of sensitive financial information was a key concern for institutions migrating their operations to the cloud, the survey found, noting that industry regulations require specific security measures as businesses embrace cloud infrastructures.

Given those strict security requirements, the alliance found that 61 percent of financial institutions surveyed are currently developing a cloud strategy. A mix of private, public and hybrid cloud approaches was the most common approach. "The exact deployment models companies took are correlated to the maturity of their cloud strategies," the survey noted.

Meanwhile, 32 percent of respondents said they had nailed down a cloud policy while 7 percent said they had opted for a strict, no-cloud approach.

Of those companies still fleshing out cloud strategies, 18 percent said they would use only a private cloud. Despite the relatively low adoption rate, the survey authors argued that the statistics are encouraging, adding that they "show added comfort and assurance when practicing in the cloud and is an encouraging sign of maturity in cloud confidence."

Among the top features financial institutions are seeking from cloud providers are better auditing controls (80 percent), improved data encryption tools (57 percent) and real-time receipt of user logs (51 percent). "The service itself and, more importantly, how the cloud provider accommodates these top features will determine how readily a particular cloud service is embraced," the survey concluded.

Generally, the survey also found that the biggest driver of cloud adoption among financial institutions was the ability to develop flexible infrastructure capacity. More than two-thirds of respondents cited that reason, followed by reduced provisioning time (63 percent) and cutting total cost of ownership (57 percent).

Application development and testing along with managing customer relationships were the top cloud applications while data analysis and business intelligence (41 percent) and big data services (28 percent) were farther down the list cloud applications being adopted by banks.

Security remains by far the biggest hurdle to cloud adoption by financial institutions followed by regulatory restrictions and fears about widely publicized security breaches. Given universal concerns about security, 60 percent of those surveyed ranked data confidentiality as their foremost concern. That was followed by loss of control over customer data and highly publicized data breaches.

Gaining a better understanding of the financial sector's security requirements "represents an opportunity for cloud and technology providers" in assisting the transition to the cloud, the security alliance concluded. For now, the biggest requirement is data protection for cloud-based financial networks.

"As better tools for auditing and data protection become more mainstream, companies will feel more comfortable moving critical data to the cloud, while maintaining its security and compliance posture," the survey report concluded.

The cloud survey was conducted during the fourth quarter of 2014 and attracted responses from 102 participants. Fifty-nine percent were based in North America, 21 percent in the Asia-Pacific region and 20 percent in Europe, the Middle East and Africa, the group said.