Leaking Data to the Cloud
Bob Lund, chairman and CEOAccording to Computer Business Review, Cloud Sprawl is defined as the uncontrolled use of public cloud services in an organization with little or no input from management or IT. It is especially problematic in the financial industry where rapidly growing amounts and variety of data have surpassed the IT department’s ability to provide adequate data management solutions.
Here’s a common scenario: one bank department uses Amazon Cloud Drive while another uses SkyDrive, and other employees use Apple iCloud or DropBox for collaboration. None of the solutions are compliant with banking regulation, nor under the supervision of the IT group.
The growth of Cloud Sprawl is being driven by complex and lengthy IT provisioning processes, an unmet need for flexible, available document management solutions, the low price point of public cloud services and applications (easy to charge to a p-card), and the familiarity of employees with public cloud services.
The key concern for financial institutions is that uncontrolled public cloud deployment models are leading to security and compliance risks.
Some of the specific problems that Cloud Sprawl poses for financial institutions include:
- Data resident in accounts that don’t meet the bank’s security or compliance standards
- Unauthorized access to regulated data, including customer data
- Employees forgetting to delete data in cloud accounts that they set up
- Potential of data loss if the owner of a cloud account leaves the bank
- No corporate ability to audit usage and content of disparate cloud accounts and resulting inability to identify data risk and compliance problems
- Tight user security
- Activity audit reporting
- Data management procedures focused on banking compliance
- Centralized administrative control over secured data and its access
- Standardized workflows and processes
- Fourteen-year track record in delivering cloud solutions
- Footprint in the largest financial institutions
- World-class infrastructure designed for data security and 7/24/365 access
- PCI certification and compliance with HIPAA, SSAE 16, SOC 1 & 2, and FFIEC
If you are in a financial institution, and are seeing the effects of cloud sprawl, share your ideas and experiences!
Hey nice article and info, so true about cloud storage getting out of hand for some companies. I will have to read more of what you have, thanks for putting this out. We are just out doing some research.
ReplyDeletethanks, Will