The recently issued advisory to all financial institutions operating in the country by the Monetary Authority of Singapore (MAS) outlined a need for a comprehensive view to developing a public cloud risk management strategy.
As the financial services industry adopts digital banking and online services, public clouds are becoming an alternative and efficient way to deliver services to customers online. As such the need to review, analyse, mitigate and recover from online breaches has become imperative.
Recognising developing trends and the emergence of data hyperscaler platforms including Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure, the advisory highlighted the need for financial institutions (FI) to take full responsibility for securing their data, the privacy of customer's identifiable information and workloads especially, in the public cloud.
The advisory details the need for financial institutions to perform a comprehensive and future-ready risk assessment to ensure a high standard of compliance controls, data governance and mitigation protocols commensurate with the risks posed by public cloud services.
A paradigm shift in thinking
This is significant and a proactive shift in thinking from one of the leading central banks in the region. Acknowledging the value of digital banking and financial services, MAS is recognising the increasing importance of not only public clouds but also a multi-cloud operating environment for the financial services industry in Singapore.
And in line with that, has identified a set of guidelines to protect proactively, customer, enterprise and archival data, ensuring high standards of data privacy, handling and access control standards.
Public clouds appeal not only to traditional banks looking to transform their business in this new economy but to newly minted digital banks in Singapore, which were issued licenses by the MAS earlier this year.
Digital banks operate on digital platforms exclusively and rely on artificial intelligence and big data analysis. Public clouds help to provide more robust real-time updates, speed up account approval times, and improve personalisation for thousands of potential customers.
Data security key to mitigating risks
A key point from the advisory was data security and the handling of data within the banking ecosystem. Advising banks and financial institutions to look at Identity and Access Management (IAM), securing data assets, as well as cryptographic key management, for example, the MAS specifies common risks associated with the public cloud and provides recommendations for control measures for financial institutions.
It is apparent that the MAS is working to strengthen cloud security controls and protocols for the industry to limit the risk of compromise and boost global industry and consumer confidence. Another key takeaway from the advisory was the recognition of public clouds and a multi-cloud environment as operating norms for the financial services industry.
The MAS advisory also highlights the need to review, ensure cloud resilience, manage services outsourcing, vendor lock-in and address risks from cloud services, platform concentration. The objective of the MAS is to drive a proactive approach to manage the broad spectrum of risk associated with data cloud services and delivery models.
The MAS is prescient in addressing the risks posed by a public cloud and multi-cloud operating environment. A Boston Consulting Group reports estimated that by 2025, almost 40% of data warehouse and analytic workloads and more than 30% of core business applications in the financial services industry will be running on public clouds.
It is not difficult to imagine how the pandemic has accelerated public cloud adoption, especially as consumer demand for internet banking continued to increase in the wake of the restricted movement and lockdowns.
Challenges remain in implementing data management
However, many institutions globally are still grappling with challenges specific to the public cloud including data privacy, security, governance, compliance, and protecting cloud resources.
Moreover, with many organisations using a combination of cloud and on-premises solutions, the need to incorporate the remote workforce, the incidence of data silos and mass data fragmentation becomes an all too familiar issue.
Financial institutions require an appropriate, relevant data security measures protocol to protect the confidentiality, integrity of sensitive data in the public cloud, while taking into consideration data-at-rest, data-in-motion, and data-in-use where applicable.
This is exacerbated when financial institutions have to deal with complex data centre infrastructure, manage multi-cloud environments, deal with fragmented silos for backup and a sprawling application asset.
As a result, multiple point-based data management applications only increase complexities affecting storage performance, efficiency, and costs for financial institutions.
A solution build for hyperscaling
In this rapidly developing data management landscape, financial institutions need solutions that will help them not only address their main data protection-related requirements but also enable them to implement broader infrastructure strategies including automation, analytics, multi-cloud adoption, and storage consolidation.
A solution to this complex problem is to view data management holistically, and by consolidating all secondary workloads and data services at web scale.
Built as a scale-out platform with linear pay-as-you-grow scalability and always-on availability, the solution eliminates the need for mass data migrations and 'forklift' upgrades. This enables organisations to maximise space, cost and operational efficiency.
By running a hyper-converged backup and recovery solution organisations replace multiple data protection silos including media servers, cloud gateways and storage with a single view, converged solution.
This approach eliminates secondary storage silos, consolidating backups, files,
objects, test/dev, and analytics data. It enables IT managers to control all secondary data operations with converged data protection, automate Disaster Recovery and cloud migration, as well as automate DevOps. By creating a single data fabric spanning the edge to the cloud, the solution enables data and application mobility across multi-cloud environments.
In summary, it is imperative the financial institutions, review solutions that go beyond their core needs of addressing backup and restore challenges but also solutions that cater to managing workloads for analytics, DevOps, secondary storage consolidation, and implementing a cloud-ready environment.
By looking at broader solutions, organisations can not only address core data security and risks mitigation requirements highlighted by the MAS advisory, but also increase the benefits, including operating in a hybrid, multi-cloud, environment with an end-to-end data management platform for long-term archiving, retention, and analytics strategies.