New Style of IT in Financial Services Cloud Services



Similar documents
Transform service delivery with HP Cloud Management

HP Helion, Cloud and the customer reality in the UK

Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

Why Cisco for Cloud? IT Service Delivery, Orchestration and Automation

HP Helion: Now cloud runs through your business

Chapter 11 Cloud Application Development

Cloud, where are we? Mark Potts, HP Fellow, CTO Cloud November 2014

TENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6. TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4

MaaSter Microsoft Ecosystem Management with MaaS360. Chuck Brown Jimmy Tsang

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

Securing the Service Desk in the Cloud

Central Agency for Information Technology

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Injazat s Managed Services Portfolio

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

<Insert Picture Here> Oracle Identity And Access Management

Recognition of Websense Leadership. Industry Analysts Validate Websense Market and Technological Leadership

White Paper. BD Assurity Linc Software Security. Overview

IBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet

AppPulse Mobile. Whitepaper: Overhead, Privacy, and Security. March 2016

HP Software as a Service. Federated SSO Guide

SCADA SYSTEMS AND SECURITY WHITEPAPER

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Security Issues in Cloud Computing

Symphony Plus Cyber security for the power and water industries

NCR CLOUD SERVICES OVERVIEW. An NCR Brochure

Achieving PCI-Compliance through Cyberoam

Lecture 02b Cloud Computing II

Network Access Control ProCurve and Microsoft NAP Integration

Managing the Challenges of Cloud Management November 7, 2013

The New Style of IT. Rob McMahon. Director Cloud Computing HP General Western Europe

THINK CLOUD ATI CHALLENGES. 3 SITA 2011 SITA

At a Glance. Key Benefits. Data sheet. A la carte User Module. Administration. Integrations. Enterprise SaaS

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

Logging In: Auditing Cybersecurity in an Unsecure World

Strengthen security with intelligent identity and access management

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

March

BMC s Security Strategy for ITSM in the SaaS Environment

RSA Adaptive Authentication and Citrix NetScaler SDX Platform Overview

Cloud Computing in Banking

Mobile device Management mit NAC

Aadhaar. Security Policy & Framework for UIDAI Authentication. Version 1.0. Unique Identification Authority of India (UIDAI)

Cisco Advanced Services for Network Security

VMware vcloud Air Security TECHNICAL WHITE PAPER

SaaS Security for the Confirmit CustomerSat Software

Protecting What Matters Most. Bartosz Kryński Senior Consultant, Clico

HP Device Manager 4.6

Independent process platform

2X SecureRemoteDesktop. Version 1.1

Empowering IT-as-a-Service with Cloud and OpenStack Technology Innovation

Security of Cloud Computing Providers Study

How to Turn the Promise of the Cloud into an Operational Reality

IT Infrastructure Services. White Paper. Utilizing Software Defined Network to Ensure Agility in IT Service Delivery

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

CA Technologies Data Protection

CTS2134 Introduction to Networking. Module Network Security

The Firewall Audit Checklist Six Best Practices for Simplifying Firewall Compliance and Risk Mitigation

The Next Generation of Security Leaders

How To Secure Cloud Computing

PREMIER SUPPORT STANDARD SERVICES BRONZE SILVER GOLD

Simple, scalable, secure Complete BYOD solution Michael Lloyd HP- Enterprise Group

Quattra s Cloud Vision & Framework Value

Virtualization Impact on Compliance and Audit

Managing Cloud Computing Risk

Embracing BYOD with MDM and NAC. Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.

20 th Year of Publication. A monthly publication from South Indian Bank.

Ten Reasons to Choose Unisys Enterprise Content Management (ECM) Services

Information Technology Branch Access Control Technical Standard

SERVICES BRONZE SILVER GOLD PLATINUM. On-Site emergency response time 3 Hours 3 Hours 1-2 Hours 1 Hour or Less

IBM PowerSC. Security and compliance solution designed to protect virtualised data centres. Highlights. IBM Systems and Technology Data Sheet

the limits of your infrastructure. How to get the most out of virtualization

Business-Driven, Compliant Identity Management

13 Ways Through A Firewall

Cloud Computing Security Issues

Cloud Security Who do you trust?

security in the cloud White Paper Series

Thales Service Definition for PSN Secure Gateway Service for Cloud Services

Developing Network Security Strategies

HP OpenStack & Automation

What s new in AM 9.30 Accelerating business outcomes

Business-Driven, Compliant Identity Management

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

Newcastle University Information Security Procedures Version 3

Building Energy Security Framework

Architecting the Cloud

HP Atalla. Data-Centric Security & Encryption Solutions. Jean-Charles Barbou Strategic Sales Manager HP Atalla EMEA MAY 2015

IT General Controls Domain COBIT Domain Control Objective Control Activity Test Plan Test of Controls Results

CAPABILITY STATEMENT

Transcription:

New Style of IT in Financial Services Cloud Services January 23, 2015 Dr. Marc L. Brogle (CTO HP Banking Service Center) Hubertus Willeke (Business Development Executive FSI) Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

HP in the Financial Services Industry (FSI) Handles 2 out of 3 of all credit card transactions globally: 10 billion card transactions annually Operates some of the largest banking platforms (India, Shanghai) > 50,000 HP FSI professionals Services 2.5 million mortgages, secured items & unsecured items worldwide Processes more than 60 million insurance contracts annually & one every five seconds Clears over 500 million cheques a year in the UK alone HP has a Banking License 9 of the top 10 global financial services firms signed contracts with HP Enterprise Service within the last decade 2 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

Recognized expertise and experience Forrester HP leads the pack for private cloud solutions Forrester Research rates HP as the sole leader in private cloud provider evaluation HP stands out from the crowd by providing a clean and navigable interface that wraps substantial breadth and depth of capabilities into the fewest number of interfaces. The Forrester Wave: Private Cloud Solutions, Q4 2013 The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. 3 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

Recognized expertise & experience Everest Group Everest Group PEAK Matrix for enterprise cloud infrastructure services 4 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

The Banks Strategy & Approach New cloud platform is a major contributor to meet savings targets Bank Strategy Technology Objectives Reduce cost income ratio Guaranteed savings Increase capital efficiency Reduce operational & supply chain complexity Focus on clients Reduce Data Centre & infrastructure footprint Further develop core competence Consume standard, shared technology services Improve culture Improve stability, availability & time to market 5 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

6 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

Regulatory Compliance & Security Highly regulated banks must follow an increasing number of controls & assurances 7 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

FSI Requirements for Cloud Services Significant impact of regulatory / compliance / security aspects on FSI requirements Requirements from FSI customers (selection) Cloud Services Provider needs to have a deep understanding of privacy and security standards required to comply with applicable data protection laws State of the art concepts & technology (Firewalls zoning concept, Virtual LAN segments, Intrusion Detection System (IDS), Intrusion Prevention System (IPS), etc.) need to be in place Implementation and certification of Quality Management according to ISO 9001:2008 & ISMS (Information Security Management System) according to ISO 27001:2005 transformed to ISO 27001:2013 in 2015 What does this mean for FSI in Switzerland (related to Swiss law & compliance) Reflect the various «FINMA Rundschreiben» with technical measures & organizational rules processes and controls for the access to bank data and bank customer data Ensure that there is no access to data hosted in the Secure Cloud from outside of Switzerland 8 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

Example Use Cases of FSI relevant Cloud Services Benefits come with challenges on every level (IaaS, PaaS, SaaS as well as BPO) Infrastructure / Platform as a Service Benefits: flexible, on-demand & secure consumption of high-available infrastructure / platform services Challenge: Restrictively (white & black list) or only locally managed (service desk / monitoring / control / ) Software as a Service: Document Archiving Benefits: Reduced document management complexity with quick, intuitive and secure access to archive as well as substantial economical savings (no separated Application Management costs, no deployment costs for new modules/functions, no upgrade costs, no update risks, no maintenance costs, ) Challenge: Compliant archiving in accordance with Swiss legislation BPO: End user tax reporting (e.g. tax reports for Germany) Benefits: Complete end-to-end security trail (from data input to print & dispatch in a closed environment) with a consumption based model (pay per report / case) with optionally additional tax consulting services Challenge: Secure & reliable data transfer in real-time / periodically, filtered at bank or by cloud service 9 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

Document Archiving (IMTF Hypersuite/C) in the Cloud High availability & security with restricted data access (geo-location and role based) Secure archive data storage Cloud documents are encrypted Cloud documents are signed User authentication User ID / Password Authorization Easy permission management Enable / disable: saving, printing, viewing, etc. Secure archive input/access Archive input channel via VPNs Secure access via SSL/HTTPS 10 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

Recommandations How to implement compliant cloud services and gain the trust of financial institutes Recommendations (selection) on how FINMA principles should be implemented Implement a closed-loop control system, ensuring comprehensive data access controls to protect from unauthorized & (Swiss-)external access as well as from hacking attacks All operations and activities have to be extensively logged (routers, firewalls, switches, IDS, IPS, OS, databases, Web code and application layer code) using independent credentials from production (integrity) Avoid «external» propagation of network, domain and server names (hence they are «invisible») Segregation of duty (SOD) must be installed in high risk areas to reduce probability of a potential damage Recommendations for FSI vendors / providers & users Acknowledge the questions as well as the potential doubts and hesitations of financial institutes that prohibit a «full trust» in cloud services / cloud based solutions by addressing them in open forums & events Establish a «FSI Cloud Community» (vendors / providers / user) to provide a platform for an open dialog Provide an «open» cloud platform creating an eco-system where SaaS providers can offer their FSI services 11 Copyright Copyright 2015 2015 Hewlett-Packard Development Development Company, Company, L.P. The L.P. information The information contained contained herein herein is subject is subject to change to change without without notice. notice.

The best way to predict the future is to invent it. Alan Kay Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information