Banks Look Up To The Cloud

Uploaded on 2016-08-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Banks are growing more comfortable using other companies’ servers instead of their own closely guarded data centers -- and that longstanding security concerns are fading.

Imagine closing your eyes and asking the voice-activated Amazon Echo on a nearby shelf when your next car payment is due. Just a few years ago, banks would have needed a houseful of their own computers to provide such service.

Instead, new capabilities announced by Capital One Financial Corp. run on Amazon.com Inc.’s cloud. 

For years, banks have been outliers, shunning web-based data centers run by Amazon, Microsoft Corp. and International Business Machines Corp. Pressures to reduce costs and innovate are changing that. Of the world’s 38 largest financial institutions and insurance companies, 25 have signed up with Microsoft and are beginning to put applications in the cloud. Capital One, the eighth-largest U.S. commercial bank, started deploying applications in cloud services in early 2015.

“The momentum has been tremendous, especially in the last six months,” said Karen Cone, general manager of worldwide financial services at Microsoft.

Banks are trying to speed up internal development to keep up with innovative startups that are reinventing everything from cross-border payments to bill pay and doing it faster by using the cloud. The lenders look to the cloud as a way to lower costs and improve profits in a climate of stiffer capital rules and low interest rates.

Capital One added to the services it first started offering through the Amazon Echo in March. The bank became the first company to give customers access to auto, mortgage and home-equity information using Alexa, the Echo’s voice-activated assistant, providing answers to questions such as “How much is my next mortgage payment?” and “How much more until my motorcycle is paid off?”

“The primary motivation for the banks to do this is because they want to create agility and flexibility in their middle and back office that would let them digitize their business on an end-to-end basis,” said Likhit Wagle, general manager of banking and financial services at IBM, based in Armonk, New York. “They want to be able to automate all of their processes.”

Two developments have contributed to the bankers’ growing embrace of cloud computing. Regulators have welcomed the shift and cloud companies have revamped their practices to accommodate lenders. “We see no fundamental reason why cloud services (including public cloud services) cannot be implemented, with appropriate consideration, in a manner that complies with our rules,” the UK’s Financial Conduct Authority said this month when it published new guidance for the industry.

Financial Services

Microsoft, based in Redmond, Washington, created a special financial-services compliance program that gives banks full access to all audit reports, notification of any security incidents and provides them with a road map on upcoming security and privacy features.

“I know from our own checks that both Amazon and Microsoft are all over the global banks,” said Karl Keirstead, a software analyst for Deutsche Bank AG. “This is a massive opportunity and prize that the public cloud vendors are well aware could move the needle for them.”

The transition to the public cloud began in Europe and Asia. Commonwealth Bank in Australia has begun using web-based computing for development and testing new software, and running its website, for example.

Major Savings

“Through this hybrid approach of combining the use of public cloud with our internal cloud, we have realized major savings in infrastructure costs and reduced project delivery times,” Nick Giles, executive general manager of IT Delivery Services at the bank, said in an e-mail. “As a result, we have been able to channel that capital toward innovation and customer-facing technologies.

Singapore’s DBS Bank said it will use Amazon Web Services and expects to move as much as 50 percent of its computing needs to the cloud by 2018

Capital One, based in McLean, Virginia, is so happy with cloud services it’s closing data centers and expects to be down to three from eight by 2018.

“There’s nothing we aren’t willing to put in the public cloud,” said Rob Alexander, Capital One’s chief information officer. “We are now doing the vast majority of all our new development in the public cloud, and we are systematically moving our legacy applications.”

Larger banks are expected to follow in coming months, though they are expected to do so cautiously. Many are starting by putting marketing, human resources and other non-core applications onto the cloud -- usually, no more than 10 percent of their total applications, according to IBM’s Wagle. Other parts of the businesses will take longer.

“Banks move slowly, especially regarding IT decisions with regulatory implications,” said Keirstead of Deutsche Bank Securities. “Hence one should expect any move to be gradual.”

Information-Management:  

 

« ISIS Is Tooling Up For Cyber Jihad
Hacking May Prompt Heightened US Election Security »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Information Commissioner's Office (ICO) - UK

Information Commissioner's Office (ICO) - UK

The Information Commissioner's Office is an independent authority set up to uphold information rights in the public interest.

CEPS

CEPS

CEPS is a leading think tank and forum for debate on EU affairs, ranking among the top think tanks in Europe. Topic areas include Innovation, Digital economy and Cyber-security.

MobileIron

MobileIron

MobileIron provides EMM capabilities to IT organizations that need to secure mobile devices, applications and content.

Deltagon

Deltagon

Deltagon develops information security solutions to protect companies’ confidential information in e-communication and e-services.

World Wide Technology (WWT)

World Wide Technology (WWT)

WWT is a technology solution provider in the areas of big data, collaboration, computing and cloud, mobility, networking, security and storage.

Networkers

Networkers

Networkers is a global recruitment consultancy helping unite job-seekers and hiring companies across the technology industry.

File Centre

File Centre

File Centre is a leading specialist when it comes to data backup, we offer our clients a premium backup retrieval and delivery solution.

CyberGRX

CyberGRX

The CyberGRX Exchange and our risk assessments-as-a-service help Enterprises and Third Parties cost-effectively identify, prioritize and mitigate risk.

oneclick

oneclick

oneclick is a central access and distribution platform in the cloud, enabling the management of the entire technology stack for application provisioning.

Greenberg Traurig (GT)

Greenberg Traurig (GT)

Greenberg Traurig, LLP (GT) is a global law firm with offices in 40 locations in the United States, Latin America, Europe, Asia, and the Middle East.

Kintent

Kintent

With Kintent, compliance becomes a habit, is simple to understand and achieve, and is continuously testable so that your customers can see that you are adhering to all your trust obligations.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.

Appranix

Appranix

Appranix delivers Cloud App Resilience with app-centric entire cloud resources backup, restore, and cross-region disaster recovery.

Symbiotic Security

Symbiotic Security

Symbiotic Security revolutionizes code security by integrating an AI-driven security coach directly within developers' IDEs.

Stern Cybersecurity

Stern Cybersecurity

Stern Cybersecurity offers a robust defense against the ever-evolving landscape of digital threats.