Experts estimate there are more than 14,000 attacks on networks and systems every day, with new vulnerabilities in critical software increasing by 50% annually. These are alarming stats for any IT organization, but especially those in sensitive industries like banking. These stats are also why security is one of the key hesitations when it comes to migrating to the public cloud. In fact, big U.S. banks have been referred to as one of the last major strongholds of old-line technology companies. No wonder, then, that Amazon Web Services (AWS) has been approaching banks like Citigroup, Goldman Sachs, and J.P. Morgan Chase to educate them on the benefits and advanced security features of the public cloud.
However, winning business from companies with such high security and regulatory compliance standards is no easy task. According to an article from Dow Jones Business News, “the offering in theory could help banks shift their tech spending to newer areas and away from maintaining so many data centers. The hurdle is that Amazon’s is a public cloud business, open to anybody. Banks, which have relied on their own private infrastructure to this point, would need to feel comfortable about security and ease any concerns from regulators before moving ahead.”
Not only does AWS offer hundreds of tools and features to help banks meet security requirements around visibility, auditability, controllability, and agility, but AWS also partners with third party security firms and managed service providers (MSPs) – like Datapipe – to provide expertise and help guide companies through the best practices of AWS policies, architecture, and operational processes necessary to satisfy the requirements of security sensitive customers, like big banks.
What AWS and its partners are able to offer is Defense in Depth, a proven security model that meets the most rigorous standards of confidentiality, integrity, and availability, ensuring the ongoing security of all mission-critical digital assets. This means layered security that goes beyond the basic security features of AWS – continuous audit, data encryption, DDoS protection, intrusion detection services, etc. – to include the best third party security features and comprehensive compliance services on the market. This offers anyone – even big banks – the security they need. A quick highlight of two of Datapipe’s own AWS-specific security features that play into this defense model:
- 2Factor Secure Cloud Access: An integration of our own two-factor authentication service, Datapipe Auth, with FortyCloud’s SaaS security model to deliver enhanced security, access, and control by providing the capability for managing the two-factor authentication soft token service with role-based access control.
- Datapipe Access Control Model for AWS: DACMA lets enterprise businesses take advantage of Datapipe’s AWS managed services without requiring them to hand over the administrator-level credentials. The model also allows for an enhanced level of security and control through role based access and tracking, clearly establishing and tracking the accountability and actions of all users.
Even with these expansive security options, however, the Dow Jones article makes the point that “some banks still have concerns about privacy and security, and even the banks that are using the cloud are keeping their core banking activities and data on their own platforms.”
The good news, though, is that times are changing and more banks are becoming more willing to consider the public cloud. Of the banks AWS has approached, J.P. Morgan is exploring using the public cloud in some instances to trim expenses and increase flexibility in storage space. Capitol One is planning to reduce its data centers to three from eight by using AWS for a range of processes, including its mobile banking app. The comprehensive yet flexible security features and compliance services offered by AWS and its partners are no doubt a large part of these banks’ decision to move to the cloud.