Hybrid Cloud’s Impact on Financial Services Security

A hybrid cloud strategy has always promised and delivered reduced costs, increased agility, improved operational efficiencies and greater ability to accommodate new technological advancements. The biggest question for financial institutions is whether the combination of traditional on-premises storage with public and private clouds provides sufficient security and governance measures to withstand constant threats of fraud and data breaches.

Now that the New York State Department of Financial Services (NYDFS) Cybersecurity Regulations have gone into effect, a model for all financial institutions has been established, not just those operating within the Empire State.

NYDFS, along with the California Consumer Privacy Act (CCPA), represents the most recent regulations following the enactment of the General Data Protection Regulation (GDPR) in Europe and the Notifiable Data Breaches (NDB) scheme in Australia. They are essential to ensure continued trust among the public and government overseers while placing even more pressure on financial institutions to ensure data security and privacy as they continue to embark on massive cloud migrations.

The Great Cloud Migration is Well Underway

The biggest institutions such as Citibank, JPMorgan Chase and Bank of America have already embraced hybrid cloud strategies. They will remain under the public microscope, particularly when egregious mistakes leading to the exposure of sensitive customer information occur.

There is also rapidly increasing interest from regulators regarding which workloads run on what cloud vendors. Their concern is about the systemic risk inherent in overdependency on a single cloud vendor.

The irony is that while hybrid cloud environments can create security risks because organizations constantly move data between private and/or on-premises environments and a public cloud, they also can enable greater disaster recovery and increased data security. As a result, banks will be in a much better state to achieve regulatory compliance. That’s because it’s often easier to protect data when it’s in a single place rather than spread across multiple silos across the organization. Additionally, cloud vendors have a huge vested interest in ensuring data security.

Hybrid Environments Offer Seamless Operations, Greater Flexibility

One of the world’s largest banks has used a hybrid on-premises/multi-public cloud/private cloud environment for several years and, for some use cases, switches huge workloads from AWS to Microsoft Azure every day. It’s a remarkably seamless operation—so much so that the users in the bank have no idea which cloud they’re working on, nor do they care. From an IT perspective, it not only provides the bank with complete flexibility, but it also guarantees disaster recovery because the bank is working on both platforms equally and seamlessly.

It’s also a great price-negotiation platform. As one colleague joked, “Cloud is the new mainframe, so going cloud-native with a single vendor could lock you in forever—and you know how hard it is to get rid of mainframes.”

Meanwhile, several other financial institutions are leveraging the capability of a hybrid architecture to accommodate critical innovations in big data, advanced analytics, artificial intelligence (AI) and machine learning (ML) to fortify their security posture.

More Robust Fraud Management Framework

In the wake of these new laws, many regulators are encouraging financial firms to aggressively utilize emerging technologies such as machine learning and advanced simulation techniques to detect and flag unusual data activity to prevent fraud.

For example, instead of looking backward at historical data, agent-based model simulations can be developed to generate synthetic transaction data that is a highly accurate digital mirror of real-world data. Plus, it can potentially predict future types of fraud that have not yet been observed.

Solutions such as these are rapidly becoming a core component of the fraud management framework for financial services firms to maintain trust among customers.

Greater Customer Experiences

It’s not just fraud prevention that financial institutions benefit from when leveraging data analytics’ capabilities made possible by a high-capacity environment.

For example, data-driven insights that enhance the customer experience are now being derived from analyses of traditional credit card fraud. The same data that’s used to catch bad actors and fraud also contains a treasure trove of data on a business’s best customers. The highest-value customers don’t just make one big purchase every so often like a fraudster—they make multiple purchases in a shorter amount of time on a regular basis.

That same data can be leveraged to upsell and cross-sell those customers, all based on data-driven insights using analytics and machine learning that wouldn’t be possible without the massive data capabilities provided by a hybrid cloud environment.

While the usual FUD (fear, uncertainty and doubt) still exists in the relatively new era of hybrid cloud environments, financial services firms should take comfort in knowing that the basic architecture’s agility and scale can only increase their data security and governance initiatives. As these solutions continue to mature, financial institutions will not only continue to achieve its initial promise, but they’ll also be able to meet ever-stringent regulatory initiatives while continuing to improve customer satisfaction.


This article was co-authored by Dr. Richard L. Harmon, managing director, Financial Services at Cloudera. He has been working in the financial industry for more than three decades. He co-founded a GMAC-funded Risk Management & Analytics startup called Risk Monitors, which was acquired by BlackRock. He then started and managed the North American business for Norkom Technologies, which was later sold to BAE systems. Starting in 2010, Richard was the Director of SAP’s EMEA Capital Markets group for six years, where he helped grow the business across the EMEA region. 

He holds a Ph.D. in Economics with a specialization in Econometrics from Georgetown University. 

Steven Totman

Avatar photo

Steven Totman

For the last 5 years he has worked with over 520 financial services firms globally including 82 of the top 100 banks to monetize their big data assets using Cloudera’s Enterprise Data Cloud. Previously Steve ran strategy for a mainframe-to-Hadoop company and drove product strategy at IBM for DataStage and Information Server after joining with the Ascential acquisition via Informix and Ardent. He architected IBM’s Infosphere product suite and led the design and creation of governance and metadata products like Business Glossary and Metadata Workbench now called IGC and ran IBM’s industry models team. Steve holds several patents for data-integration and governance/metadata-related designs.

steven-totman has 1 posts and counting.See all posts by steven-totman