Financial institutions benefit from cloud, but face security risks

April 12, 2012

By this point, the cloud has infiltrated virtually every industry. Organizations have come to rely on the cloud for a wide range of services that have become increasingly ingrained into their most basic business operations.

However, as ComptuerWorld's Dan Morris recently pointed out, financial institutions have not yet embraced the cloud with the same fervor as many other business sectors. As he explains, while there are a number of reasons for this hesitancy, financial institutions as a group would likely reap significant benefits from transitioning to the cloud, so long as they incorporate proper planning and security measures in the process.

Morris writes that perhaps the most notable and obvious advantages of cloud computing for financial institutions are the basic service and cost benefits that standardized cloud operations such as email, intranet and collaboration tools present. These services provide significant advantages in terms of economies of scale. Cloud-based email can simultaneously remove the risk of over-investment or underinvestment in hardware solutions because it can easily be tailored to fit an organization's needs at any time. This is particularly beneficial for financial institutions, as the unstable economy means that financial institutions' numbers of clients and employees can vascilate significantly in a short period of time.

Additionally, because they are so pervasive and established, Morris claims that these types of cloud services are known quantities. Consequently, they are unlikely to offer unexpected growing pains to financial institutions that adopt them.

However, as advantageous as these traits are, there are undoubtedly serious security concerns that financial institutions must address as they make the transition to the cloud. Because it is so different from technology that has preceded it, the cloud represents unique security challenges. These issues are particularly relevant for banks and credit unions, simply by virtue of the extremely sensitive information they possess.

Hackers are well aware of the value of financial institutions' information and are increasingly focusing their attention on acquiring it. A recent study found that of 21,030 phishing attacks reported in February 2012, 76 percent were directed at national banks, an increase of 8 percent from the month before.

Writing for Forbes, Siva G. Narendra points out that using the cloud can create a high concentration of valuable financial information, such as credit cards or bank account numbers. This convergence can draw unwanted attention from cyberattackers, requiring cloud security measures of the highest order.

-McAfee Cloud Security