Despite the digital revolution taking hold in the financial world, the financial industry appears to be hesitating when it comes to cloud computing. Around the world, a whopping 83% of financial professionals do not trust cloud computing, and only 36% understand the technology, according to a survey by Savoy Stewart.
The survey asked 6,000 professionals across six countries and five industries their opinions on cloud computing. Across the board, financial professionals – more than any other sector surveyed – distrusted cloud computing, citing concerns about data leaks and a lack of control.
For comparison, in the hospitality sector, only 5% of those surveyed distrusted cloud computing, and only 31% of the tech sector felt the same way. Financial professionals in Italy were the least trusting of cloud computing (89%), followed by the US (88%), UK (85%), Germany (83%), Spain (79%), and France (75%).
Where does the distrust come from?
This survey comes on the heels of the Financial Stability Board’s findings that third-party cloud services could create new financial stability risks, due in part to the market’s concentrated nature.
“Potential concentration in third-party provision could result in systemic effects in the case of a large-scale operational failure or insolvency if (financial institutions) do not appropriately manage third-party risks at the firm level,” the FSB report said.
The FSB report goes on to explain that financial institutions within the same geographical area tend to use the same software. As such, if there were any security flaws in the software, and they were exploited, it could create large-scale chaos.
However, developers put a lot of security measures into their products, so any potential problems should not be construed as a reason to avoid cloud software. On the contrary, cloud software offers a number of security checks and encryption protocols to avoid any potential security mishaps.
The FSB’s report even notes that “traditional data centres could be more vulnerable to physical disruptions than newer services,” and reiterates that the potential problems that may arise with cloud services often come from issues with the third-party relationship – not the software, or software type, itself.
However, the fear around cloud computing security is understandable. In March 2019, Capital One Financial was hit by a large-scale data breach which stole the personal information of 106m credit card holders and applicants in the United States and Canada.
That breach was allegedly done by one person, a former computer systems engineer for Amazon Web Services – the cloud computing service where Capital One’s data was stored.
Can the trust be rebuilt?
Research from City University sought to explore ways to build trust within cloud computing, acknowledging that it inherently draws critical attention. While their proposed model focuses on the relationships between service and infrastructure providers, it highlights an all-important part of the solution: reputation.
When the Capital One data breach happened, the institution’s public reputation received a harsh blow. Cardholders became nervous, and it even affected the reputation of rival financial institutions who also used cloud computing.
However, Capital One’s CEO got out in front of the mistake, apologising to the public and saying that he was “committed to making it right.” These human actions are one of the key ways that trust in cloud computing can be created and rebuilt – not as the whole answer, but as a part of the solution.
As a platform, cloud offers many benefits to a company, but none of those benefits matter if a financial team or client feels uncomfortable using it. Part of rebuilding the trust in cloud computing comes from choosing and vetting reputable software providers, then trying to trust the process as much as possible.
This step is difficult, particularly when stories like the Capital One fiasco break. However, there are a number of benefits to cloud computing, particularly as firms react to security flaws and patch them.
As iland’s Frank Krieger wrote for Financial Director, “Cloud providers are acutely aware of their huge responsibility to keep their organisations up and running while complying with data regulations. If cloud providers want to offer services to some of the world’s most highly regulated industries, they must exceed the most stringent regulatory standards.”
Although breaches do happen, it is important to remember that no piece of technology is perfect, particularly one which has rapidly evolved over the past decade. When it comes to security, financial institutions have a right to be concerned, but they should not let it hold them back from finding a new solution.