Wednesday, February 20, 2013

Cloud Sprawl in Financial Institutions

Leaking Data to the Cloud

Bob Lund, chairman and CEO

According to Computer Business Review, Cloud Sprawl is defined as the uncontrolled use of public cloud services in an organization with little or no input from management or IT.  It is especially problematic in the financial industry where rapidly growing amounts and variety of data have surpassed the IT department’s ability to provide adequate data management solutions.

Here’s a common scenario: one bank department uses Amazon Cloud Drive while another uses SkyDrive, and other employees use Apple iCloud or DropBox for collaboration.  None of the solutions are compliant with banking regulation, nor under the supervision of the IT group.

The growth of Cloud Sprawl is being driven by complex and lengthy IT provisioning processes, an unmet need for flexible, available document management solutions, the low price point of public cloud services and applications (easy to charge to a p-card), and the familiarity of employees with public cloud services.

The key concern for financial institutions is that uncontrolled public cloud deployment models are leading to security and compliance risks.

Some of the specific problems that Cloud Sprawl poses for financial institutions include:
  • Data resident in accounts that don’t meet the bank’s security or compliance standards
  • Unauthorized access to regulated data, including customer data
  • Employees forgetting to delete data in cloud accounts that they set up
  • Potential of data loss if the owner of a cloud account leaves the bank
  • No corporate ability to audit usage and content of disparate cloud accounts and resulting inability to identify data risk and compliance problems
Not surprisingly, 67 percent of IT executives at companies with over 1,000 employees are worried about Cloud Sprawl, according to a 2012 study by Vanson Bourne.  Fifty-four percent of these IT executives admit they are unsure how many cloud services their employees use.  Worse, 20 percent of IT executives say it is “impossible” to manage disparate cloud services, finds Kelton Research.

eGistics provides applications for financial services that help control Cloud Sprawl, and delivers them on a highly secure, highly scalable cloud platform that offers:
  • Tight user security 
  • Activity audit reporting
  • Data management procedures focused on banking compliance
  • Centralized administrative control over secured data and its access
  • Standardized workflows and processes 
The eGistics Cloud Sprawl solution builds on our:
  • Fourteen-year track record in delivering cloud solutions
  • Footprint in the largest financial institutions
  • World-class infrastructure designed for data security and 7/24/365 access
  • PCI certification and compliance with HIPAA, SSAE 16, SOC 1 & 2, and FFIEC
Feedback
If you are in a financial institution, and are seeing the effects of cloud sprawl, share your ideas and experiences!