Why covert IT activity could damage financial organisations

July 31, 2015
Why covert IT activity could damage financial organisations

By Richard Munro, Chief Technologist vCloud Air EMEA, VMware

Financial organisations are one of the most highly regulated industries today. Following the formation of the Financial Conduct Authority and Prudential Regulation Authority and various scandals that have rocked the banking world, rules such as “ringfencing” and the Dodd Frank Act have added pressure on banks to seek compliance and be more transparent about their operations. But amidst all this, a covert IT issue is brewing; one that could threaten the positive reputation that these organisations are now trying so hard to re-build.

Today’s digital world is driven by a generation which has grown up with instant access to any information as and when they want it. For any business, pace is dictated by customers rather than IT departments – and that’s certainly no exception in financial institutions. In fact, out of all the sectors, it’s finance that is fast-becoming a software-led world as more and more customers turn to online and mobile banking for speed and ease of use, rather than having to wait to go into their local branch.

Because banks are being led by software, the way they can differentiate themselves is through their software – that means finding innovative applications they can offer their customers – whether that’s peer to peer cash transfer apps or even just a simple mobile app for balance checking, the modern financial sector CIO often asks themselves whether they are still a financial institution or a software house.

So what can IT do to make sure it is actually keeping up by developing these applications and giving employees and customers’ access to them to support speedy, at-your-fingertips banking, while making sure all data is kept safe and secure?

For some time, financial organisations have actually been debating the best IT infrastructure to help them do this job – is it Public, Private or Hybrid Cloud? According to a recent study, 92% of UK Financial Services institutions are using some form of public cloud[1], as they’re aware of the numerous advantages (affordability, ease of use and meeting client needs) it brings. However, the ‘hidden’ way in which they are purchasing these services is a major concern.

Worryingly, the research found almost half (44%) of line of business decision makers in finance admit to bypassing the IT department entirely when purchasing public cloud services, despite being aware of the potential risks. For example, when asked about the likely consequences of an external cloud provider suffering a security breach, the potential reputational cost to the organisation (60%), financial damage (54%) and loss of data (51%) were the top concerns.

Given banks are under more scrutiny than ever before from regulators and their customers, this kind of risky behaviour just shouldn’t be happening. If business decision makers want to embrace public cloud, they need to be clearly communicating this with IT and involving them right from the start of the process, but equally IT need to provide the types of services and agility that these requirements call for. IT are the ones with in-depth knowledge of the potential risks and advantages and what solution will work best for overall business needs, and understand the role of IT in the compliance and regulatory needs of the business. Crucially, they are also the ones that can quickly respond in

times of crisis (such as a data breach) drawing on their experience to prevent and solve these issues and ultimately, save the face of the company.

This is where the hybrid cloud approach through VMware vCloud Air offers the best of both worlds to Financial Services organisations. The seamless bridge between the private and public cloud means that business-critical applications remain in-house, but can be easily moved into the public cloud when additional resource is needed. That includes handling new projects or systems, running test and development programmes including the use of all the latest development tools and processes, or providing Disaster Recovery services far more efficiently than has ever been possible.  Because public cloud environments can be provisioned instantly, employees and Lines of Business don’t feel the need to go behind the back of the IT department and speed things up by helping themselves to non-compliant IT resources on risky contracts that build modern technical siloes.

With a more aligned and collaborative approach, based on a hybrid cloud, IT teams can ensure business-critical applications and sensitive data remain under their control, while business decision makers can take advantage of the enormous scalability and accessibility that public clouds can bring, securely and cost-effectively. This enables financial organisations to better meet the needs of their customers, industry regulators and their business as a whole, at a time when this has never been more important.


[1] Research commissioned by EMC, VCE and VMware was conducted by Opinion Matters between March 2015and April 2015 among over 600 decision markers / heads of departments across six industries. The aim of the study was to compare the influence and impact public cloud purchases has on department efficiency levels.

*Industries surveyed: Telecoms & Media, Financial Services, Retail, Public Sector, Manufacturing and Oil & Gas.

 


 
Related Posts
 

In the latest blog from our series of conversations with …

Read More

By Simon Eady, vExpert & blogger

IT failures and problems have …

Read More

Today, we want to discuss three key areas of IT …

Read More

As one of Denmark’s leading retailers, Coop needed to ensure …

Read More

 
 
Blog Archive