Financial firms can improve the coherence of their cloud strategy by understanding their environment, a CSA report found.
Cloud computing is becoming more and more prevalent in the financial sector, though many respondents of a recent survey claimed to have less than 50 percent of a solidified, concerted cloud strategy, with controls and security being main concerns.
According to the worldwide survey of more than 100 professionals conducted by the Cloud Security Alliance (CSA) and sponsored by CipherCloud, 61 percent of respondents believe a cloud strategy is in the formative stages within their organization, with 39 to 47 percent planning to use a mix of in-house IT, private and public clouds, and 18 percent planning to use private clouds.
None of the respondents has plans to be hosted mostly in a public cloud, according to the report.
"Primarily the top security concerns were more focused around data protection," Luciano Santos, vice president of research and member services at the Cloud Security Alliance, told eWEEK
. "Data confidentiality, data governance and data breach were the top-ranked security concerns identified by the financial institutions that participated."
Santos said financial firms can improve the coherence of their cloud strategy by understanding their environment.
The results of the survey also found that the higher the electronic channel transaction base among a firm's customers, the less strict the cloud policy, with only 3 percent of these types of organizations saying they have a strict cloud policy in place.
Financial services firms are also eager to see increased transparency and better auditing controls (80 percent) from their cloud providers, even more so than better data encryption (57 percent).
As to why their companies are moving to the cloud, respondents put flexible infrastructure capacity at the top of their list (68 percent), followed closely by the need for reduced time for provisioning (63 percent).
"Financial institutions need to understand the business needs for cloud. Where does it make sense, who will have access to their data and what are the regulatory requirements they need to comply to, etc.?" he said. "By properly assessing their cloud usage and risks, organizations can prepare a better cloud strategy."
The top services and features being adopted when moving to the cloud are customer relationship management (CRM) (46 percent), application development (45 percent) and email (41 percent), with back-end services (20 percent) or virtual desks (14 percent) being adopted less frequently.
Finally, in looking at compliance regulation requirements when moving to the cloud, at the top of the list is data protection (75 percent), corporate governance (68 percent), PCI-DSS (54 percent) and national regulations (47 percent).
"In terms of the cloud changing financial firms' IT infrastructure in the near future, the cloud will allow financial institutions to scale their IT Infrastructure to meet the demands of customers and technology," Santos said. "I can see this being a key driver to cloud adoption in the financial services sector."