Secure Migration to Cloud Services


Key Security Challenges for Financial Services Firms

GreySpark Partners presents a new report examining the drivers behind the increasing adoption of cloud-based services within financial institutions. Since 2010, the cloud computing industry has increased the variety of its offerings for the financial services sector. The security challenges that hindered the take-up of cloud-based service models within banks and buyside firms began to recede starting in 2010 as a combination of the development of cloud-specific standards and a higher degree of financial institution awareness and mitigation of the risks associated with cloud technology. As a result, the appeal of cloud technology solutions, in terms their cost efficiencies and technological and business flexibility, to financial services companies has increased.

Read More

In light of the additional guidance and regulations from the Cloud Security Alliance (CSA), the International Standards Association (ISO) and the National Institute for Standards and Technology (NIST), as well as the growing maturity of the solutions provided by the cloud providers, cloud security concerns are increasingly being assuaged. In 2016, the deployments of cloud-based services by financial institutions are widespread but patchy across the middle- and back-office. That said, cloud technology use by the front-office is gradually becoming more common with instances of cloud-based market data and transaction services leveraging cloud technology appearing in organisations across the sector.

The GreySpark report explores the drivers, issues, concerns and challenges faced by financial institutions as they migrate services to the cloud, and it delivers a raft of recommendations for a secure migration based on those concepts.

Published on: 6 Oct, 2016

Please login or register to download this report for free


Secure Migration to Cloud Services – Table of Contents

  • 1.0 Introduction to Cloud Services
  • 1.1 Drivers to Migrate Services to the Cloud
  • 1.2 Cloud Provider Selection
  • 2.0 Financial Institution-centric Security Concerns and Remedies
  • 2.1 Unified Enterprise Cloud Strategy
  • 2.2 Governance Control
  • 2.3 Division of Responsibilities within Service Level Agreement
  • 2.4 Resources and Expertise in Cloud Technology
  • 2.5 Management of Cloud Costs
  • 3.0 Vendor-centric issues
  • 3.1 Separation of Resources
  • 3.2 Incident Management Coordination
  • 3.3 Authentication and Authorisation
  • 3.4 Remote Management Tools
  • 3.5 Governance Differences between Availability Zones
  • 3.6 Cloud Service Availability and Resilience
  • 3.7 Vendor Lock-in
  • 4.0 Regional Differences in Compliance Requirements
  • 4.1 Data Protection and Data Privacy
  • 4.2 End-of-life Data Management
  • 5.0 Conclusions
  • 6.0 Appendices
  • 6.1 Glossary of Terms