Financial sector cloud adoption on the rise despite security concerns

Cloud Security Alliance research reveals softening attitude towards off-premise technologies from financial services firms

The financial sector is slowly coming round to the idea of entrusting its apps and data to the cloud, but security remains a major stumbling block for many.

That’s one of the key findings from the Cloud Security Alliance’s (CSA's) latest research into how cloud is being used in the financial sector, which revealed more firms are using off-premise services but on a largely ad-hoc basis.

The CipherCloud-sponsored report was compiled by CSA’s recently formed Financial Services Working Group (FSWG) and garnered responses from 102 participants – including banks, credit unions and insurance companies – across 20 countries.

Out of those questioned, 61% of organisations said they’re in the throes of hammering out their cloud strategy, with between 39% and 47% looking to use a mix of in-house IT, private, public or hybrid off-premise environments.

None of the participating organisations said they plan on adopting a public cloud-only strategy.

The private cloud has been favoured by many organisations as a means to test the waters before embarking on more complex or public deployments.

This trend seems to be holding true for the financial sector, with 18% of companies that are still getting started in the cloud favouring private deployments.

Conversely, just 9% of respondents that claim to have a relatively mature cloud strategy said they’re planning to go down the private cloud route.

Read more about cloud security

Organisations whose customers are more open to using digital services – such as mobile apps and online banking – were also shown to be less reticent about moving to the cloud, while companies with a strict no-cloud policy were shown to have a larger proportion of customers who relied more on face-to-face or paper-based services.

Security concerns were cited as the main reason why some firms adopted a private cloud-only stance, followed by compliance, privacy and data retention worries.

However, these areas remain a continued concern for other respondents that are further along the cloud adoption curve, the CSA research notes.

When asked for further detail about the specifics of their security concerns, 60% ranked data confidentiality as their top worry, followed by lose of control of their data (57%) and compliance issues (51%).

“Each of the issues represents an opportunity for cloud and technology providers to strengthen their offerings to enable financial services firms to better leverage the power of cloud computing,” the report stated.  

This is hardly surprising, given how tightly regulated the financial services sector is notorious for being, but – despite this – the report also shines a light on the reasons why it stands to benefit from embracing cloud.

These include greater infrastructure flexibility, reduced total cost of ownership and shortened time to market for new customer offerings.

CSA CEO Jim Reavis said he hopes the report’s findings will be seized on by the cloud provider community to ensure the services they offer the financial services sector are fit for purpose.

“The results of this report are insightful into understanding how the financial services industry is progressing in terms of cloud adoption and how cloud providers can best serve their interests and needs,” he said.

Read more on Regulatory compliance and standard requirements