New Style of IT in Financial Services Cloud Services

Transcription

1 New Style of IT in Financial Services Cloud Services January 23, 2015 Dr. Marc L. Brogle (CTO HP Banking Service Center) Hubertus Willeke (Business Development Executive FSI) Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

2 HP in the Financial Services Industry (FSI) Handles 2 out of 3 of all credit card transactions globally: 10 billion card transactions annually Operates some of the largest banking platforms (India, Shanghai) > 50,000 HP FSI professionals Services 2.5 million mortgages, secured items & unsecured items worldwide Processes more than 60 million insurance contracts annually & one every five seconds Clears over 500 million cheques a year in the UK alone HP has a Banking License 9 of the top 10 global financial services firms signed contracts with HP Enterprise Service within the last decade 2 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

3 Recognized expertise and experience Forrester HP leads the pack for private cloud solutions Forrester Research rates HP as the sole leader in private cloud provider evaluation HP stands out from the crowd by providing a clean and navigable interface that wraps substantial breadth and depth of capabilities into the fewest number of interfaces. The Forrester Wave: Private Cloud Solutions, Q The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. 3 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

4 Recognized expertise & experience Everest Group Everest Group PEAK Matrix for enterprise cloud infrastructure services 4 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

5 The Banks Strategy & Approach New cloud platform is a major contributor to meet savings targets Bank Strategy Technology Objectives Reduce cost income ratio Guaranteed savings Increase capital efficiency Reduce operational & supply chain complexity Focus on clients Reduce Data Centre & infrastructure footprint Further develop core competence Consume standard, shared technology services Improve culture Improve stability, availability & time to market 5 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

6 6 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

7 Regulatory Compliance & Security Highly regulated banks must follow an increasing number of controls & assurances 7 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

8 FSI Requirements for Cloud Services Significant impact of regulatory / compliance / security aspects on FSI requirements Requirements from FSI customers (selection) Cloud Services Provider needs to have a deep understanding of privacy and security standards required to comply with applicable data protection laws State of the art concepts & technology (Firewalls zoning concept, Virtual LAN segments, Intrusion Detection System (IDS), Intrusion Prevention System (IPS), etc.) need to be in place Implementation and certification of Quality Management according to ISO 9001:2008 & ISMS (Information Security Management System) according to ISO 27001:2005 transformed to ISO 27001:2013 in 2015 What does this mean for FSI in Switzerland (related to Swiss law & compliance) Reflect the various «FINMA Rundschreiben» with technical measures & organizational rules processes and controls for the access to bank data and bank customer data Ensure that there is no access to data hosted in the Secure Cloud from outside of Switzerland 8 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

9 Example Use Cases of FSI relevant Cloud Services Benefits come with challenges on every level (IaaS, PaaS, SaaS as well as BPO) Infrastructure / Platform as a Service Benefits: flexible, on-demand & secure consumption of high-available infrastructure / platform services Challenge: Restrictively (white & black list) or only locally managed (service desk / monitoring / control / ) Software as a Service: Document Archiving Benefits: Reduced document management complexity with quick, intuitive and secure access to archive as well as substantial economical savings (no separated Application Management costs, no deployment costs for new modules/functions, no upgrade costs, no update risks, no maintenance costs, ) Challenge: Compliant archiving in accordance with Swiss legislation BPO: End user tax reporting (e.g. tax reports for Germany) Benefits: Complete end-to-end security trail (from data input to print & dispatch in a closed environment) with a consumption based model (pay per report / case) with optionally additional tax consulting services Challenge: Secure & reliable data transfer in real-time / periodically, filtered at bank or by cloud service 9 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

10 Document Archiving (IMTF Hypersuite/C) in the Cloud High availability & security with restricted data access (geo-location and role based) Secure archive data storage Cloud documents are encrypted Cloud documents are signed User authentication User ID / Password Authorization Easy permission management Enable / disable: saving, printing, viewing, etc. Secure archive input/access Archive input channel via VPNs Secure access via SSL/HTTPS 10 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

11 Recommandations How to implement compliant cloud services and gain the trust of financial institutes Recommendations (selection) on how FINMA principles should be implemented Implement a closed-loop control system, ensuring comprehensive data access controls to protect from unauthorized & (Swiss-)external access as well as from hacking attacks All operations and activities have to be extensively logged (routers, firewalls, switches, IDS, IPS, OS, databases, Web code and application layer code) using independent credentials from production (integrity) Avoid «external» propagation of network, domain and server names (hence they are «invisible») Segregation of duty (SOD) must be installed in high risk areas to reduce probability of a potential damage Recommendations for FSI vendors / providers & users Acknowledge the questions as well as the potential doubts and hesitations of financial institutes that prohibit a «full trust» in cloud services / cloud based solutions by addressing them in open forums & events Establish a «FSI Cloud Community» (vendors / providers / user) to provide a platform for an open dialog Provide an «open» cloud platform creating an eco-system where SaaS providers can offer their FSI services 11 Copyright Copyright Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

12 The best way to predict the future is to invent it. Alan Kay Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.