According to International Data Corp, banks are expected to spend more than $53 billion on cloud services by 2023.
The cloud is a business asset no modern bank or credit union–regardless of size–can afford to bypass. It’s become clear that any financial institution relying on a legacy infrastructure cannot compete against faster and more innovative digital competitors.
The cloud makes it possible for financial institutions to accelerate their growth unlike ever before. Modernizing their existing technology environments enables them to automate operations and workflows, resulting in increased efficiency, security and cost savings. With the right digital partner, these organizations are set up to rapidly respond to new digital products and services for serving their current and future consumers.
Data security, however, continues to be a major concern. Banks and credit unions are responsible for storing and processing a vast amount of data, including proprietary confidential information and customer personal information. Putting sensitive data in the cloud can pose a risk, as Capital One’s recent data breach woefully demonstrates. This serves as a warning to the industry. If a big bank with access to colossal budget is unable to secure its data in the cloud, how is the average institution going to stay protected?
There is a key differentiator with the cloud that many don’t quite yet understand, and that is between technologies hosted in a public versus private cloud environment. With a public cloud, data is stored and typically self managed in a multi-tenant, shared environment. In contrast, private clouds are dedicated to a single company where all the hardware, data storage and network is managed with few if any resources shared with other organizations. There are other differences, too.
Financial institutions operating in the cloud require the right people, tools and management in place. For maximum uptime, impenetrable security and full compliance, which cloud is the safest alternative? Take a closer look at Big Tech’s impact in the financial industry and beyond, and the answer becomes clear.
More vulnerable to exposing sensitive data
Major technology companies lead the cloud computing business, attracting the attention of some of the largest financial firms for their efficiencies and ability to support rapid innovation.
According to Gartner, Amazon is the dominant player with control of nearly half of the public cloud market. Its Amazon Web Services (AWS) unit offers businesses an on-demand, pay-as-you-go cloud computing infrastructure that counts HSBC Holdings, Goldman Sachs and Fidelity Investments among its clients. Microsoft and Google are Amazon’s top rivals, each with its own list of large-scale financial clients including TD Bank and Bank of America.
By moving their data to the cloud, Big Tech is increasingly responsible for critical day-to-day banking. From the control of confidential client information to thousands of daily financial transactions, securing these clouds needs to be a paramount objective.
While cloud providers have taken steps to ensure safety, all it takes is human error or manipulation. In 2017, Amazon said one if its employees accidentally caused a massive AWS outage that resulted in Internet outages nationwide.
A cybersecurity firm revealed this month that approximately 6.2 million email addresses were exposed by the Democratic Senatorial Campaign Committee in a misconfigured Amazon S3 storage bucket. As stated here, this shows the reach and longevity of such data, and how operational errors in the handling of that data can leave it exposed to the public.
Meanwhile, Amazon and other public clouds continue to resist compliance rules and inquiries from financial regulators. When the government raised possible new cybersecurity standards in 2017, Amazon lobbied against them by arguing that cloud companies sell a system that is the client’s job to secure.
The Wall Street Journal recently reported that, before the Capital One breach, “employees raised concerns within the company about what they saw as high turnover in its cybersecurity unit and a failure to promptly install some software to help spot and defend against hacks.”
Financial institutions and other businesses migrating their data to the cloud need to understand who is responsible for compliance and security. If it can happen to one of the 10 largest banks in the U.S, is everyone at risk?
A more secure banking experience
With the right digital partner, banking in the cloud does not have to involve risk.
In the case of NYMBUS, our platform is hosted in private clouds that are dedicated to each client. This offers a true native cloud service, giving financial institutions just one source to contact for all aspects of development, support, service levels and maintenance.
Each cloud operates in Tier 4 Data Centers that are designed to host mission-critical servers and computer systems, with fully redundant subsystems and compartmentalized security zones controlled by biometric access controls methods. The NYMBUS Data Centers are also manned and monitored 24x7x365 by experienced engineers, and meet all of the regulatory requirements financial institutions need to achieve to protect their data and customer information.
Private and dedicated clouds offer many advantages. Institutions can manage the cost, support the infrastructure and have full control over where all data is stored physically and virtually.
With NYMBUS, we own the switch that talks directly to the core. Each banking client has their own network and servers, and operates as an independent, single tenant, completely segmented from one another.
If a server goes down in this cloud, for instance, NYMBUS will fix it, adhering to all required service levels. Clients running on Amazon’s cloud service, for example, would have at least two calls to make to resolve the issue. Further, the client and/or their cloud provider would become responsible for all compliance documentation and testing, adding a huge amount of complexity, time and expense to the process and an ongoing significant overhead on top of that. Compliance becomes significantly easier, faster and cheaper to achieve in the private cloud.
The private cloud also offers the ability to hybridize virtual servers and dedicated servers. If an institution requires custom or dedicated servers to run custom applications, that hardware can be integrated into their private cloud. This provides a level of customization institutions aren’t experiencing today.
Upgrades and maintenance also become significantly easier. In the public cloud, institutions lose control of upgrade and maintenance schedules and are forced into the timeframes of the cloud provider. With the private cloud, NYMBUS works with each institution to define upgrade and maintenance windows to minimize disruption to its business.
Ultimately, using a hosted, private cloud solution for financial institutions offers significant advantages of cost, compliance, security, single-point accountability and flexibility for both developing innovations and scheduling maintenance.
A 2018 U.S. Treasury report found that bank regulations hadn’t “sufficiently modernized to accommodate cloud and other innovative technologies.” While this is the case for public clouds, private modern clouds like NYMBUS prove otherwise.
As more financial institutions break from tradition and take a cloud approach with their technology and data, the decision on where and how that cloud is hosted will have a multifaceted impact across organizations and customers.
Having the right people, tools and management in place will keep your data secure. Contact us today to learn more about how NYMBUS can help safely grow your business in the cloud.
David Mitchell, president of NYMBUS