Industry Trends

Benefits of Using CASBs in Financial Services

By Bill Hogan | September 26, 2017

The cloud and cloud-based applications have revolutionized business operations across industries. The proven business benefits of cloud adoption have made multi-cloud environments the preferred method for data storage and computing, with 81 percent of organizations indicating they have adopted a hybrid cloud solution. 

How Financial Services Firms Can Benefit from Cloud Use

The financial services sector is one industry benefiting from cloud adoption, not only from the increased services they can provide consumers, but also through cloud-enabled solutions. Bank employees require access to SaaS solutions and CRMs enabled by the public cloud that simplify daily tasks, such as Fiserv and Salesforce. These solutions use cloud computing and storage to optimize operations, putting adopters at a distinct advantage in several key areas. These include:

  • Data Analytics: The processing power offered by the cloud gives businesses the ability to quickly gather actionable insights, accelerating data-driven decision-making and consumer offerings.
  • Availability: One of the greatest benefits of the cloud for financial services employees is that there is very low incidence of downtime, and that critical information can be accessed from any location or device.
  • Efficiency: Cloud-enabled tools and applications are increasingly making it easier to collect, collate, and share data, giving financial organizations rapid access to accurate information, and facilitating the sharing of that information between personnel.
  • Flexibility and Scalability: As data sources like the Internet of Things continue to expand, requiring the collection and analysis of enormous amounts of data, the cloud can scale to meet storage and processing needs.

Data Security Risks in the Cloud

There is a clear list of benefits in the pros column for cloud use. These benefits, such as cost savings and speed to market advantages, account for the push from business leaders and C-level executives to transition to the cloud. However, this often occurs with little consideration for cybersecurity. The assumption is typically that once a cloud environment is deployed, IT will quickly figure out how to make it as secure and compliant as other solutions.  

However, this is easier said than done. When moving to the cloud, there are many concerns surrounding data security and visibility, with only 23 percent of organizations completely trusting public clouds to keep their data secure. The challenge for IT is to ensure that the same standards for security that exist within their own network and on-premises resources can be applied to critical data stored within the cloud.

Previously, data was stored on secure databases that only authorized networked devices could access. However, today’s data, including personally identifiable information (PII), is moving out of isolated data centers and into public, private, and SaaS cloud environments to be accessed by a variety of users and devices across increasingly distributed networks. As a result, traditional network security solutions simply don’t provide sufficient data protection. One common solution to this challenge has been to deploy multiple siloed cloud security solutions that address individual risks. However, this creates blind spots within cloud environments, resulting in security gaps, less accurate threat intelligence, and an inability to respond to detected threats in a coordinated fashion.

Additionally, when enterprise IT teams delay, or sometimes do not even respond to employee requests for certain cloud technology due to security protocols, it increases the likelihood that these policies might be circumvented by departments and employees altogether. The resulting surreptitious adoption of cloud-based resources and services is known as shadow IT, and Gartner estimates that it accounts for 30-40 percent of IT spending at large enterprises. This poses an even greater security threat to financial services firms, because without knowledge of the data stored on applications in the public cloud, security policies cannot be met, resulting in noncompliance and additional potential risk.

Despite the potential for decreased security controls and visibility, pressure from users and customers continues to increases daily for financial services organizations to take advantage of the advances and advantages offered by the cloud. To stay competitive, financial services organizations must respond, while finding a way to stay secure and compliant.

Cloud Adoption without Compromising Security or Compliance

Ignoring the cloud in the name of compliance and security is no longer a viable solution, as the benefits to employees, customer engagement, and the overall bottom line have become crystal clear. Consumers and employees have a choice, and in today’s market they will simply look elsewhere if they don’t have access to the tools and services they have come to expect. But risk versus opportunity doesn’t have to represent the horns of a dilemma. Instead, financial institutions can implement Cloud Access Security Brokers (CASB). These tools give financial organizations the ability to adopt needed cloud environments and SaaS applications while implementing their own comprehensive security controls.

CASBs are designed to protect corporate data in the cloud and on hosted SaaS applications in order to provide real-time data visibility and security for cloud-based services, ensuring that traffic between on-premises devices and cloud infrastructure meet the security policies and compliance needs of the organization. Furthermore, CASBs allow organizations to extend advanced security controls housed on the network perimeter out to SaaS applications.

Fortinet’s FortiCASB solution offers deep visibility into data stored within cloud-based applications, as well as user behavior, while ensuring security and compliance with encryption, data loss prevention, and threat detection requirements. By connecting directly to the SaaS provider through a set of industry-based APIs, security teams are able to view the data stored within an application, as well how it is being used and by which accounts. Compliance is ensured through on-demand scanning. New information to be stored within an application can be scanned for threats as well as cross-referenced against the organization’s data leakage policy. Additionally, when your firm’s security or business policies are updated, these updates can be applied to existing data already stored within an application.

Comprehensive reporting and analysis tools are able to identify risks to data and deploy automatic defenses in order to manage security incidents in real-time. To mitigate the risks associated with shadow IT, FortiCASB can be used in conjunction with FortiOS to identify each SaaS solution being used on the network, with additional features for managing unsanctioned usages.

Finally, FortiCASB is also fully integrated with the Fortinet Security Fabric, meaning it is not just another siloed cloud security solution. Rather, as part of a comprehensive Security Fabric, the CASB improves overall security hygiene as more workloads and data move to the cloud. 

Final Thoughts

Due to their highly regulated space, and the nature of the confidential data they store, financial services firms have to carefully balance the competitive opportunities offered by the cloud with the need for security and compliance. Cloud Access Security Brokers empower financial services firms to move into cloud and SaaS virtual environments while maintaining their own security protocols, encryption keys, and policies. With CASBs, financial services firms can securely give employees and consumers the tools they need to embrace digital transformation without compromising security. 

Let’s get a conversation going on Twitter! How do you secure critical information in the cloud