Public cloud infrastructure-as-a-service (IaaS) offerings, such as AWS, Azure, or Google Cloud Platform, can quickly and economically accommodate unexpected or temporary business computing workloads. Many enterprises have extended their private data centers to the public cloud for a hybrid cloud model for competitive and operational benefits. However, proper alignment of security and resiliency to enterprise standards and policies are still required. In the financial services industry, concerns over data, workload and infrastructure security have slowed adoption of public cloud computing. Regardless of where it resides, a financial institution’s data is ultimately the target of malicious entities. Moving some of that data to the public cloud does not shift responsibility for it as this cannot be delegated in the eyes of regulators. Financial institutions must take appropriate measures to protect data residing in the public cloud as well.
Many in the financial services industry want to leverage the agility, flexibility and advanced capabilities available in the public cloud to complement their private data centers while ensuring intellectual property, regulated data (e.g., PII) and other sensitive data are protected. To achieve this, the following issues in a hybrid cloud computing model need to be addressed:
hybrid cloud computing model need to be addressed:
- Limited visibility into applications and data in the public cloud.
- Varying native security capabilities and features at different cloud providers
- Shared responsibility for security with cloud providers
- Scaling security up/down with dynamic addition/deletion of virtual machines as needed
As part of this use case, an example of an anonymous financial institution’s hybrid cloud deployment with AWS is also covered.
For more information on cybersecurity for the financial sector, visit our Financial Services industry page at https://www.paloaltonetworks.com/products/security-for/industry/financial-services.html