Technology & Innovation

Cloud security: how to mitigate risks and maintain fraud resilience

Published by
Karolina Skinner

Marius Galdikas, CEO at online banking service provider ConnectPay, shares some insights into cloud security – mitigating related risks and maintaining the necessary levels of fraud resilience. 

Legacy vs cloud – what is better for the financial sector?

Big Tech cloud providers, such as Amazon or Google, have played a major role in developing innovative cloud solutions and services. However, there has been rising chatter about the unbalanced concentration of power as a result of this ever-increasing data migration to the cloud. Recently, the Bank of England issued a report singling out opaque practices of major cloud providers, calling into question whether the current regulatory oversight is enough to ensure the security of cloud systems and sensitive financial data.

While security warnings might lead some companies to deploy a private cloud, Galdikas notes that, in terms of risk, setting up infrastructure, that matches the standards of Big Tech, from scratch is a difficult and expensive undertaking and, at the end of the day, probably will prove to be a riskier choice than choosing a public cloud service. 

"Public cloud providers, Big Tech included, have significantly contributed to innovation in the finance sector, whereas IaaS and SaaS solutions are now the usual building blocks of every new company. Moreover, public cloud streamlines scaling, enabling to bypass capacity issues or sinking millions into underutilised infrastructure upfront," said Galdikas. 

Same goal, different approach

Fintechs and traditional financial institutions have been noted to take a different approach to cloud adoption. 

While Fintechs at scale choose to migrate some of the operations to the private cloud, according to the Bank of England, established banks are doing quite the opposite – moving critical infrastructure onto the public cloud.

According to Galdikas, the two approaches vary for historical reasons. Fresh fintechs tend to use public clouds because it is an affordable solution to streamline processes and manage operations from afar. As they grow in terms of size and resources, some shift to private cloud to have a firmer grip on the security of their data. Switching to the latter diversifies the risks, considering that moving all of the critical services onto the infrastructure of a single provider might place the company in a vulnerable position. Banks, on the other hand, started with a long-standing legacy infrastructure set up and are moving to the public cloud as part of their digital transformation efforts. Even though their approach might differ, banks and fintechs share the same goal – to provide faster and safer services.

Distribution over different platforms to reduce risks

Overall, the increasing amount of critical data is hinting at a need for a more robust security framework. While setting up more regulatory safeguards should be left to the authorities, Galdikas emphasized what can be done from the financial institution’s (FI’s) point of view to mitigate the transition risks.

"The ecosystem that FIs operate in needs to be distributed between different platforms and providers both in the form of SaaS, public cloud, private cloud, and local Infrastructure service providers," he noted. "New data protection laws are continuously being put in place worldwide, which makes operating a digital ecosystem an even more cumbersome task. For example, some countries, regions require customer data to be captured and stored, first and foremost, on infrastructure physically present in the country or dictate specific encryption algorithms to be used for such data stored," Galdikas explained, outlining why distribution over different service providers might be more efficient in reducing risks than opting for more regulation.

He concluded by emphasizing that FIs should be leading the efforts in ensuring that systems meet the levels of fraud resilience necessary for the financial services sector.

"It is up to financial institutions to ensure that the operations they run and data they process is always secure, as they are the ones bearing the trust of their customers. Yet there are specific areas for cloud providers to maintain standards in, for instance, monitoring that safeguards are kept up to date with the current technology. Ultimately, in order to maintain the stability of the financial sector and mitigate risks, both sides will need to stay on top of technological challenges."

About ConnectPay

ConnectPay is an online banking service provider for internet-based companies, offering a wide range of payment solutions, including SEPA and SWIFT payments, IBAN multi-currency accounts, Mastercard online card payments, and merchant accounts.

Karolina Skinner

Recent Posts

Gloucester's Mears Group confirms £125m contract

Gloucester-based Mears Group, a leading provider of services to the UK Housing sector, has confirmed…

49 mins ago

Coventry’s MTC to revolutionise tunnel infrastructure installation with robotic AI

A consortium of mechanical and civil engineering, and robotic automation industry leaders, including Tunnel Engineering…

55 mins ago

National Cyber Security Centre: Tech market not working

The market for technology isn’t working, according to the Chief Technology Officer of the National…

57 mins ago

Industrial products supplier building on rich history to forge expansion plans

A leading UK industrial products supplier is expanding its UK fasteners division in Longborough, Gloucestershire,…

1 hour ago

UK food and farming under threat

By Ian Mean, Business West Gloucestershire director Here in Gloucestershire, many farmers are really on…

1 hour ago

West Midlands housing association Bromford delivers strong results

South West and West Midlands housing association Bromford has announced another year of strong financial…

1 hour ago