Data privacy and system security on cloud computing architechture for banking and financial services industry

Data privacy and system security on cloud computing architechture for banking and financial services industry

To operate in cloud computing environment, organizations need to adhere to policies, procedures, and controls to deliver technology services to business system users. Despite following globally known frameworks and ISO standards, cloud computing architecture and cloud computing infrastructure remains to be under constant monitoring and assessment. Cloud computing infrastructure provides access to data and applications from any location, and this has made organizations (specifically Banking and Financial Services Corporations) to keep evaluating privacy and security frameworks. Banking and Financial Services Corporations have data and applications which are internally developed to remain ahead of competition. These data and applications become the Intellectual Property (IP) that serves specific business processes and goals. When these data and applications can be accessed from remote locations, there are a potential risks of data leakages and erosion of IP over a period. Data privacy and security of cloud architecture infrastructure continues to be the challenge across the globe and for Banking and Financial Services Corporations, where customer financial details are stored over system, the area continues to be of further importance. Considering these problems associated with cloud computing, this research develops a research question about risk added by cloud computing to data privacy and system security for Banking and Financial Services Corporations. This research includes survey in the areas of importance for cloud users while using cloud infrastructure for Banking and Financial Services Corporations. This thesis collects feedback from identified sample size of academicians and professionals from information, communication, and technology (ICT) background, for areas of cloud governance, cloud security and perception towards cloud computing for Banking and Financial Services Corporations. In this thesis, I have identified various issues and challenges faced by Banking and Financial Services Corporations and discussed the importance of governance & security required for these organizations. Upon reflection this research provides areas of constant monitoring, assessment and upgrades required for data privacy and security on cloud computing infrastructure. This research examines the current cloud architecture and infrastructure management and governance practices in Banking and Financial Services Corporations and concludes by providing detailed achievement of the thesis. This research concludes that managing data categories ii and application types is complex over cloud architecture. To manage this complexity, cloud architecture and infrastructure will continue to demand financial investment. This research further answers the research question that to enforce data privacy and system security, dedicated incident and problem management team, legal expertise to form cloud management contracts, dedicated team for managing cloud security penetration testing teams, dedicated human resources with relevant work experience, IT Risk management framework and alert & monitoring for ongoing use of cloud infrastructure will be required to measure and control cloud computing architecture and infrastructure. This research concludes to confirm quarterly review of roles and responsibility of cyber security executives along with security framework and governance structure. This research confirms need of dedicated budget, business continuity plans, ethical controls within cyber security teams and job rotation within cyber security executives. Cyber security executives must be continuously educated about recent cyber-attacks and potential losses incurred by other organizations. This research concludes that Digital transformation demand investment into new cloud infrastructure to prevent data leakages risk to customer data. Third Party cloud service providers plays key role in managing cloud security. Risk event and risk mitigation plans are mandatory for digital transformation. This concludes that there is need of specific technological tools and human skills to manage specific forensic investigations. This research also suggest that IT Security contract needs special handling in special investigation scenarios. This research also provides perception of the survey participants towards ease of cloud computing. The focus of this research is on practical utility providing researchers with results that are more readily endorsed, thus maximising the impact of the research findings in practice.

File reproduced in accordance with the copyright policy of the publisher/author/creator.