The European Commission's Data Governance Act has had a major impact on the accelerated pace of digitisation for the European economy. The 2030 vision for the European economy is one of greater openness, collaboration and retribution, and this places a greater emphasis on accountability for those companies who have access to customer data.
The shift to multicloud
In many ways, financial institutions face the same technological challenges as any other industries when it comes to digital transformation. The threat landscape continues to grow and is ever-changing. Customer habits have evolved to more remote and digital interactions, and the digital transformation of other industries has spurred the need for banks to modernise their customer service.
The barriers to adoption can vary, from the complexity of legacy systems, to trust and skills gaps, regulatory uncertainty, and fragmentation of compliance requirements.
At the same time, banks face technology challenges associated with infrastructure, applications, processes, data, and customer engagement – grappling with the ever-increasing amount of data they collect while simultaneously pivoting to counter cyber threats in an ever-changing threat landscape.
Some leaders in the banking industry have recognised these obstacles and are adopting an open, hybrid multicloud approach, which can help to balance innovation with security and compliance requirements. An example can be seen with Société Générale’s hybrid cloud approach where it stepped up its migration to cloud-native applications, a cornerstone of its digital transformation, in order to further the cloud-first strategy it kicked off in 2017.
However, this transition is not without its risks.
The biggest risk in your cloud journey
A cloud-based infrastructure provides greater scalability and agility, which allow organisations to adjust more quickly in response to changes in the market.
That said, while the cloud offers great promise, it also presents a danger for banks to get caught-out in the accelerated pace of their shifts to the cloud – inadvertently opening themselves up to unintended vulnerabilities as their sensitive data is transferred not only ‘to’ the cloud, but also ‘in’ and ‘across’ multiple cloud environments.
A critical question to ask yourself is: “what about the access route to these clouds and the transfer of data between them in a multicloud environment?”
Considerations to secure your data as it travels across your multicloud
Multicloud prompt questions about the security of data transport infrastructure. Banking data is obviously critical. Even though banks created SWIFT—a secure, non-Internet network for wire transfers—they have not had the same impulse to do the same for personal data. The connection interface is crucial though: in a more connected economy, data will eventually need to flow from one point to another, and these flows must be at least as secure. To borrow an analogy from the banking sector, safes have not eliminated the need for armoured cars.
Even today, certain applications are accessible over the Internet, whether for technical reasons or for the sake of simplicity. If companies rely solely on Internet service providers (ISPs), they relinquish all control over network availability, security, and confidentiality. If malicious third-party networks manage to intercept traffic or if the network suffers a denial-of-service attack, this poses a risk of losing the connection needed to allow certain applications to function properly. Should we err on the side of flexibility? Performance? Security? Scalability?
This choice will determine the preference for a public network, a network managed by an operator, or switching back and forth between the two. More complex needs require the more agile and dynamic use of a variety of routes – one that leads to a multicloud environment.
Financial institutions, therefore, have another major project ahead of them, as they must now implement these secure interconnection interfaces: private networks, encryption, dedicated spaces, flow authentication, enhanced Internet, route monitoring, total control of cloud destinations, agility to adapt this infrastructure to new businesses challenges, and so on.
Data transport is vital and deserves the utmost attention from executive management teams. Otherwise, they may find out the hard way that data storage compliance and security measures are useless if they do not extend to the routes along which the data moves.
In the current climate, where customer behaviours and expectations are continually evolving, flexibility and adaptability are key. Banks looking to accelerate their digital transformation will benefit from a multicloud environment, but only if they also pay attention to how they interconnect their environments in a smarter, more secure way.