Nowadays, financial organizations face two main IT security challenges. They operate with the large volume of highly sensitive information, such as credit card data, personal identifiers, etc. that is highly attractive for attackers to steal. They should invest mush effort and budget to the data access security. Second thing is that financial organizations in the U.S. are supervised by many agencies, including the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corporation, and have to prove their accordance to the compliance standards to avoid litigation and financial penalties.
Experts says that cloud adoption improves the ability of financial organizations to meet these challenges. Despite the the increasing popularity of the cloud there are still debates about cloud benefits tailored specifically for financial organizations and the impact of the cloud on data and system security. The results of Netwrix 2016 Cloud Security Survey indicate top concerns and benefits associated with cloud technology and readiness of the financial institutions to embrace the cloud.
Drawback of Cloud Technology Perception
The Netwrix survey found that the security and privacy of data in the cloud remains the top concern for the majority of financial organizations (85%). 17% of IT pros said that they are not ready at all to move their entire IT infrastructure to the cloud due to security concerns. In order to keep sensitive data secure and avoid compliance issues, many banks either have a strict ‘no-cloud’ policy or choose private cloud deployment options, which let banks retain greater customization and control than the public cloud (but require additional investments).
Top Security Concerns About the Cloud
Most financial organizations (80%) named unauthorized access and account hijacking as the leading security threats associated with the cloud. Threats to sensitive data can hide behind any account, active or expired; no wonder, then, that account management is one of the priorities that PCI DSS, GLBA and other industry standards set for financial institutions. Over 58% of respondents said that the activities of their own employees are of particular concern, since the human factor (e.g., mistakes, negligence and deliberate malicious actions) is often the root cause of security incidents.
95% of financial organizations consider visibility into what’s going on in IT environments to be a critical part of security