Analyzing Security, Privacy Issues & Solutions for Cloud in Finance

Verified

Added on 2023/06/10

AI Summary

This research paper delves into the impact of cloud computing on the financial industry, highlighting both its benefits and the associated security and privacy challenges. It examines the influence of GDPR on cloud computing within the financial sector, particularly concerning data protection and the management of personal information of European citizens. The paper identifies key issues such as compliance risks, transparency of Cloud Service Providers (CSPs), and the need for clear regulatory guidance. Furthermore, it proposes potential solutions to current and future security and privacy concerns, including enhanced regulatory compliance and improved security schemes, emphasizing the importance of mitigating these risks to encourage wider adoption of cloud computing in financial organizations. The research aims to clarify the mitigation processes of security issues, thereby fostering greater trust in cloud computing for data management within the financial sector.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: RESEARCH PAPER
Cloud Computing in Financial Sector: Current Security, Privacy Issues and
its Solutions
Name of Student-
Name of University-
Author’s Note-

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1RESEARCH PAPER
Copyright
The materials and the content of this research paper are subjected only for the academic
study and for personal use. This research papers is created to provide a detailed study for the next
generation. Accessing knowledge is human right and all humans will be able to get idea from
this research paper. There are exceptions as well as limitations that are attached to the copyright
to protect the public interest and also for dissemination of knowledge.

2RESEARCH PAPER
Acknowledgement
Thank you to all of those who have helped listened and encouraged me throughout this
study. I am indebted to my supervisor ......................... whose guidance, advice and patience has
been immeasurable. My sincere thanks to all members of the............... [Mention your
university/college name], both staff and students, whose continuous support have made this
thesis possible.
I would like to thank all of the participants in the study: students, teachers and Local
Education Authorities, for the time and help given throughout. Without their participation, this
research would not have been possible. In this context, I am also thankful to them, whose
research work helped me to execute this paper well.
Finally, I thank my family, without whom this thesis would not have been started or
completed! Your encouragement and support has never faltered; thank you.

3RESEARCH PAPER
Abstract
Cloud computing is one such type of artificial intelligence that mainly helps the companies in
many sectors including the banking sector or financial sectors, who mainly deals with data and
aims to keeping the data storage safe from any intruder. Cloud computing provides a high degree
of regulation in the financial sector. The concept of cloud computing is mainly a rapid
developing technology that has mostly gained traction in the recent years. The cloud is mainly an
enabler of many other technologies that includes big data, Internet of Things, artificial
intelligence and many other technologies. The main service that the cloud computing provides
mainly concern with interoperability, security of storage and provides service to their customers
irrespective of time and place. The cloud computing enables wider scale as well as utilization of
the IT resources as some shared services in an organization. In financial industries, the
information technology is considered as the most essential factor in solving the issues. The issues
that are related with the cloud computing are addressed in this research paper along with the
mitigation processes. This research paper also deals with the importance of GDPR of cloud
computing the in the financial sectors. This research paper clearly solves all the issues related to
cloud computing that are faced in the financial sectors.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4RESEARCH PAPER
Table of Contents
1. Introduction..................................................................................................................................5
1.1 Background of the study........................................................................................................5
1.2 Aims and Objectives..............................................................................................................9
1.3 Research Questions..............................................................................................................10
2. Literature Review......................................................................................................................10
2.1 GDPR (General Data Protection Regulation)......................................................................15
2.2 Impact of GDPR on Cloud Computing in Financial Sector................................................16
2.3 Impact of GDPR on Security Issue and Privacy issues of Cloud Computing in Financial
Sector.........................................................................................................................................17
2.4 Future security and privacy issues of Cloud Computing in Financial Sector......................18
3. Methodology and Approach......................................................................................................22
4. Result and Discussion................................................................................................................26
5. Analysis and Conclusion...........................................................................................................37
References......................................................................................................................................45

5RESEARCH PAPER
1. Introduction
1.1 Background of the study
According to the data privacy rules of Europe, the GDPR (General Data Protection
Regulation) has already been in use from 25th May, 2018. After implementing the GDPR in
Europe, many data privacy rules are been introduced in the financial sector of Europe. The
concept of GDPR regulates the European organizations which uses as well as possesses all
personal pertaining of data to all the citizens living in Europe. The data pertaining takes place
regardless the place of data that has taken place (Qiu et al. 2018). There are many new
regulations that will be implemented in many companies as well as organizations in the financial
sectors so that they can compete the development as well as using the artificial intelligence.
Artificial intelligence includes some set of processes or technologies which mainly allows the
computers to perform the tasks similar like human beings. Cloud computing is one such type of
artificial intelligence that mainly helps the companies in many sectors including the banking
sector or financial sectors, who mainly deals with data and aims to keeping the data storage safe
from any intruder. This cloud computing helps to increase the productivity by increasing the
efficiency of the processes and making their services as a high quality of outputs. Many artificial
intelligence does not have involvement of personal data (Li et al. 2017). The consumers who
mainly interacts with the service of artificial intelligence such as cloud computing, personal
assistants, robo-advisors who will instruct the financial advice, provides recommendations for
the streaming services will get affected. Every established companies in Europe deals with
personal data that includes payroll and uses the advantages of artificial intelligence for
management of such data. The way to use the personal data on the European citizens are being
limited now and raising legal risks for the companies are active for the artificial intelligence. The
GDPR deals with data protection and will impact negatively on the development and the use of
the artificial intelligence by the companies of Europe in financial sectors.
Cloud computing has the power to change the business opportunities as well as business
demands. Cloud computing helps a business to become more agile and scale all their resources
with elasticity and speed (Hashem et al. 2015). For all the business leaders, the cloud computing
enables the LOB (Lines of Business) to provision the computing resources and applications to

6RESEARCH PAPER
rollout the key business initiatives. The cloud computing enables wider scale as well as
utilization of the IT resources as some shared services in an organization.
In financial industries, the information technology is considered as the most essential
factor in solving the issues (Dove et al. 2015). The information technology that is considered in
this research paper is the cloud computing, which plays an important role in the financial sector.
The cloud computing in the financial sector delivers IT services which is more flexible as well as
cost efficient. This makes the cloud computing a perfect information technology factor in the
financial industry. Cloud computing provides a high degree of regulation in the financial sector.
Cloud computing is very much useful in various sectors and from which the sector that is
considered in this research paper is the financial industry. The financial industry gets much
influenced with the cloud computing implementation (Hert and Papakonstantinou 2016). The
financial industry gets benefited with the implementation of cloud computing particularly for
customers because the customers can get access to different options that are offered by the
financial sector. The customers of the financial sector gets benefited from the cloud computing.
The independent variable that is the financial industry in this study enjoys the benefit for
utilizing the resources properly with fast consuming operations and with less effort (Martínez-
Pérez, Torre-Díez and López-Coronado 2015). The benefits that are included with cloud
computing also has some disadvantages that are included in this study. The flaws that are
associated with the cloud computing in financial sector involves security as well as privacy.
These flaws are considered as a main concern for the financial industry.
With the business in the finance sector, there is loss of control as well as compliance on
top of the Financial Industries and regulating all the risks that are associated with the business
processes. The risks that is perceived by the use of cloud computing in financial markets poses
challenges to the users of cloud. The challenges that are includes are stated below:
 Managing the compliance risks as well as managing governance.
 Providing better tool for the contract or SLA negotiation, mainly in smaller financial
companies (Gai et al. 2015).
 Increasing the transparency level of CSPs (Cloud Service Providers).
 Increasing the level of information understanding of the cloud security in the Financial
Industries.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7RESEARCH PAPER
 Clarify all differences in between the cloud computing as well as outsourcing.
 Push all National Financial Supervisory Authorities (NFSAs) for providing advanced
guidance on the concept of cloud.
 Improve the all available security as well as privacy schemes of certification.
From all the information that will be collected and analyzed in this research paper, there
are short term issues that helps to promote as well as adopt the cloud service. The issues are
stated below:
o Reduce information gap- None of the sectors, that is FIs or NFSAs considered the
security of cloud computing as the main factor while using the service. The security is
considered as the main factor only by the Cloud Service Providers (CSPs).
o Provide clear as well as perfect regulatory guidance- The service provider of cloud and
the financial industries have different views as well as understanding the regulation of the
cloud computing that seems to confirms that the financial markets needs some better
guidance as well as communication in between the users.
o Simplifying as well as streamlining the compliance- The NFSA mainly facilitate the
cloud service adoption mostly in the financial sectors for meeting regulatory
requirements (Gazzar, Hustad and Olsen 2016). There are different Financial Industries
that have Cloud Computing Security Risk Assessment, which is a helping tool that
develops a corporate risks of cloud computing.
This paper describes all the flaws that are related with the security as well as privacy that
is considered as a major part of the financial industry. This paper also shed light on the
challenges that cloud computing offers in financial sectors and all processes that cloud
computing contribute to the financial sector. This research paper also provides some potential
solutions to the current cloud computing and also provide solutions for future privacy issues as
well as security concerned with the financial sector. There are also some proposed regulatory as
well as compliance that helps the cloud computing to increase its security and solve the privacy
issues in financial industries. The following section in this chapter offers the aims and objectives
of this paper and finally provides some research questions related to cloud computing in financial
industries.

8RESEARCH PAPER
1.2 Aims and Objectives
The aim of this research paper is to discuss the impact of cloud computing in the financial
industry. The cloud service provides benefits to the financial industry along with security as well
as privacy issues. The aim of this research paper is to discuss all the security issues related to
cloud computing in the financial industry. This paper also aims to know the effect of GDPR on
security issues of cloud computing. The challenges related to the cloud computing are discussed
along with the mitigation technique needed to mitigate those challenges. Different processes that
are needed to mitigate the issues of cloud computing in financial sectors are investigated in this
research paper.
H1: If security and the privacy issues are mitigated in Cloud Computing, more
organizations will be encouraged to implement Cloud Computing in their business processes.
H2: If all companies in financial sector uses Cloud Computing, data storage system will
become very easy.
The expected output of this research paper is to study all the security issues of cloud
computing and know the mitigation techniques of cloud computing privacy and security issues.
This research paper clearly defines all such mitigation process of security issues that will help
other organization to depend of the service of cloud computing. This research paper also shows
the importance of GDPR (General Data Protection Regulation) of cloud computing that mainly
impacts on the financial industries. As because of the privacy and the security issues of cloud
computing, many organization in the financial sectors do not trust on cloud computing for its
data management. This research paper explains clearly the mitigation process of cloud
computing.
The below mentioned are the objectives that are followed to carry out this research paper.
 To study the security as well as privacy issues of Cloud Computing related to Financial
Industry
 To study the effect of GDPR on Security and Privacy issues of Cloud Computing in
Financial Sector
 To understand the challenges associated with Cloud Computing

9RESEARCH PAPER
 To study the mitigation process related to Cloud Computing in Financial Industry
 To understand the future/emerging security and privacy issues of Cloud Computing in
Financial Sector
1.3 Research Questions
 What are the potential factors associate with General Data Protection Regulation (GDPR)
use in cloud computing?
 What are the impacts of GDPR on Cloud Computing in Financial Sector?
 How GDPR can affect the Security and Privacy issues of Cloud Computing in Financial
Sector?
 How to mitigate the issues related to GDPR on Cloud Computing in Financial Sector?
2. Literature Review
According to Rittinghouse and Ransome (2016), cloud computing is one of the most
important technological advancements that are used in the financial industries by the CIOs, and
the CFOs of the organizations. The concept of cloud computing is mainly a rapid developing
technology that has mostly gained traction in the recent years. The cloud is mainly an enabler of
many other technologies that includes big data, Internet of Things, artificial intelligence and
many other technologies. The main service that the cloud computing provides mainly concern
with interoperability, security of storage and provides service to their customers irrespective of
time and place. Cloud computing serves many benefits that are also associated with the
applications included in the financial sectors as well as in banking sectors.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

10RESEARCH PAPER
Figure 1: Advantages of Cloud Computing
(Source: Hert and Papakonstantinou 2016)
With the adoption of cloud service in the financial sector, the agility factor of the
processes of business are increased gradually. The concept of cloud computing in financial
industrial sectors helps to grow the financial organization and also grows the sustainability of the
organization (Demchenko et al. 2016). The financial sector should maintain particular standards
because these standards helps to mitigate the risks of cloud computing in those sectors. There are
many activities that helps in achieving the execution of cloud computing in the financial sectors.
The activities that are involved are stated below:
The concept of cloud computing has many efficient supervision for the associated risks in
the sector of Information Technology.
The cloud computing also helps to fulfills all the risks requirement strategies that should
be followed by the assessment.
Cloud computing also helps to coordinate the effective contract on needs of business.
Last but not the least, cloud computing helps to monitor regularly of business system and
all the services that are provided.
As stated by Siu et al. (2016), the implementation of service of cloud computing helps the
companies in the financial sectors to work more efficiently in all the modes of operation. Cloud

11RESEARCH PAPER
computing consists of many benefits when all the risks included in cloud are managed. The cloud
computing helps all the organizations in the financial sector to make new entry in the markets,
get benefits from all new opportunities and strengthen all processes of the business involved in
the financial sectors (Gai et al. 2015). The financial firms can get benefitted in many ways
among which another way is that the cloud computing reduces their setup and the operating cost
that are related with the installation of the of new hardware and the software that is required for
the storage in the data centers that makes the infrastructure resource needed that are needed or is
available.
Figure 2: Cloud computing process
(Source: Weber 2015)
Importance of this Research Study:
This research study is important because Cloud Computing plays an important role in
storing of data in Financial Sector. The cloud is mainly considered as digital agenda in this world
of digitization. The firms in the financial sector also have concern related to regulatory
compliance which holds the concept of cloud computing with very wide adoption scale (Lučić,
Boban and Mileta 2018). The main concerns that are related with the cloud computing in
financial sectors are described below:

12RESEARCH PAPER
The first reasons comes when the regulator dos not approve the migration that is related
with all the business operations of cloud in financial sectors. The Financial Conduct Authority
(FCA) have provided recently a new level of clarity for adoption of the cloud so that they can
increase or decrease the changes that are related with the organization.
Secondly, Porambage et al. (2016) stated that the cloud does not provide any security for
storing the data in it. There is not proper secure way for storing data in cloud. The service that
cloud offers is third party encryption of cloud which provides an additional layer or encrypting
the data in all applications of the service providers of cloud. The data encryption technique is not
controlled by cloud providers. This third party encryption technique only keeps all the data safe
in the cloud at all the times and where ever the data is stored.
Gap Analysis:
It can be said that the cloud usually does not provide any information about particularly
where the data is stored. The data that United Kingdom and European countries generate should
always meet the data residency requirement (Gutierrez, Boukrami and Lumsden 2015). The data
should also satisfy the Data Protection Act for keeping all data safe in the financial companies.
So, it is very difficult to say where the data are stored and this is another concern about cloud
computing.
The users who uses the concept of cloud computing mainly do not have any clarity or do
not have control on operational, procedural, privacy as well as the security mechanisms for
providers of cloud computing (Gai 2014). The security accreditations of cloud providers uses
more extensive in the organizations of the financial services. With the technology of cloud
computing, mitigation process is very much complicated. The success with the cloud is very
simple and mainly has the strategy, a roadmap to company as well as has mitigation plan for the
company of financial industry.
The concept of cloud computing is basically an emerging technology that has basically
some shared resources along with the low cost and can rely on the pay per use demand for the
user (Weber 2015). There are many characteristics as well as effects on the budget of
Information Technology and the impacts on privacy, security issues and security of cloud
computing. All security issues and the privacy issues that are discussed are involved in the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

13RESEARCH PAPER
concept of cloud computing (Bruin and Floridi 2017). The users who use cloud computing gets
much benefited by the usage of cloud computing. It helps for storing the data as well as the
processes that are involved in the cloud computing on the Internet. Security is the main concern
of cloud computing that is involved in the financial sectors. The main reason that is behind for
moving or migrating all the organizations from a traditional framework to that of cloud
computing that is the framework of cloud computing is more secure than the infrastructure of
traditional network.
2.1 GDPR (General Data Protection Regulation)
According to Thota et al. (2018), General Data Protection Regulation compliance is
basically a cloud that is complex. Businesses which uses the services of cloud that includes
Salesforce and the Dropbox that mainly ensures that data practices at each of the services are
compliant with GDPR. According to the research conducted by Netskope, this tasks becomes
tough when the European enterprises uses an average of around 608 applications of cloud.
GDPR mainly has six different legal bases for the data processing (Al-Badi, Tarhini and
Al-Kaaf 2017). The consent of data subject, rights that are given under performance of the
contract, compliance that are associated with the legal obligations, protecting all vital interests of
data subject, legitimate interests and the public interests.
2.2 Impact of GDPR on Cloud Computing in Financial Sector
GDPR has many impact on the financial sector of cloud computing. The impact of the
GDPR on the cloud computing is stated below.
Client Consent- In terms of GDPR, the personal data that are involved in cloud
computing refers anything that can be identify the name, email address, profiles of social media,
social security numbers of some individuals (Dzombeta et al. 2014). The firms of the financial
sectors mainly outlines main purpose for the data that was collected and then seek the additional
consent if the firms wants to share all information with the third parties. The main aim of the
GDPR is ensuring the customers that retains right over the own data.
Right for ensuring and right that is to be forgotten- Meddeb (2016) stated that the
GDPR empowers with European citizen with right to the data privacy. Under this terms, the
individuals that uses the cloud computing can request the access or removal of the own personal

14RESEARCH PAPER
data from the banks without authorization of any outsider. This is commonly known as Data
Portability (Maresova and Klimova 2015). The financial institutions mainly keep the data for
ensuring compliance with some other regulations. In other circumstances, there is no
justification.
Consequences of data breach- The firms of the industrial sectors basically adopt their
protocols in the data breach event. The GDPR basically mandates the officers of data protection
that reports the data breach to supervisory of the personal data with in a duration of 72 hours
(Kertesz and Varadi 2014). The notification that are involved should contain the details that is
regarded as the nature of data breach, all the categories and the approximate number of the
individuals who are impacted as well as contact information of DPO (Data Protection Officer).
The notification that is to be delivered should contain the details that includes the nature of data
breach, all the categories and the approximate number of individuals who were impacted, and the
contact details of DPO (Data Protection Officer). The data breach notification, and all
remediation are also to be sent that impacts the customers without any type of undue delays.
Vendor Management- Chassang (2017) stated that systems of information technology
mainly forms backbone of all financial firms with the client data continually passing them
through many application of the Information Technology. GDPR is mainly associated with the
personal data of the client, firms that are needed to understand all the data flows across different
systems. The trend of increasing the outsourcing development and the support of functions with
means that the personal client data are accessed by some other external vendors. This
significantly increases the data exposure of data. Under the GDPR, the vendors usually
disassociate themselves from any other obligations towards accessing of data (Schoenen, Mann
and Metzger 2017). The Non-European organizations that are working in the collaboration with
the Europe banks or serving the citizens of Europe for ensuring the vigilance for sharing the data
across the borders. The GDPR effect imposes the accountability that is end to end for ensuring
the data that are well protected by enforcing them and supports all the functions so that they can
embrace the compliance.

15RESEARCH PAPER
2.3 Impact of GDPR on Security Issue and Privacy issues of Cloud Computing in
Financial Sector
There are many security issues that are related to security of cloud computing. The cloud
computing encompasses many different technologies that includes databases, operating systems,
resource scheduling, networks, transaction management, load balancing, memory management
and concurrency control. So the security issues related to all the systems and the technologies are
mostly applicable for the cloud computing. There are many such examples that states the security
issues of cloud computing (James and Chung 2015). The network which mainly interconnects
system in cloud is needed to be secured for keeping all the data safe in the network. Another
paradigm in cloud computing is the concept of virtualization. The concept of virtualization has
many security concern. Mapping done in virtual machines to convert them to physical machines
are needed to be carried securely while carrying out the security issue virtualization. The data
security that involves encrypting of data and then ensuring the needed policies are enforced for
data sharing. Moreover, the resource allocation as well as algorithm of memory management are
to be kept secured. The technique of data mining are also applicable for all the malware detection
in the clouds. There is an extended policy of technologies as well as concepts that have been
developed for a making the cloud secure for making it suitable to use by the financial sectors
(Gangwar, Date nd Ramaswamy 2015). There are many layered framework for the assured
service of cloud computing that consists of secure layer of virtual machine, securing the layer of
cloud storage, securing the data layer of cloud as well as securing the virtual layer of the network
monitor. The service that provides cross cutting mostly provides policy layer, layer of cloud
monitoring, reliability layer and the layer of risks analysis.
2.4 Future security and privacy issues of Cloud Computing in Financial Sector
According to Mathkunti (2014) the security of cloud computing that must be integrated
with the aspect platforms of cloud computing which gains the trust of users for securing the data.
The security is mostly considered as the most prominent issue in the field of cloud computing in
some of the financial sectors. Most of financial sectors that mostly fears for depending the cloud
computing because the security issues. The security as well as privacy issues of risks that are
related to organization for using cloud computing are stated in the GDPR compliance. The
organizations mostly deals with data and the all the data are stored on cloud that are commonly
known as network of computers (Chang 2014). These network of computer uses remote storage

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

16RESEARCH PAPER
for a cloud and also uses remote maintenance. Comparing all benefits of cloud computing as well
as risks that are related to cloud computing, it is necessary for evaluating viability of the cloud in
the financial sectors. There also lies some issues related to privacy issues that are also discussed.
These privacy issues are to be considered by all users who uses the businesses of cloud
computing before implementing them.
Privacy Issue
The privacy issue includes securing the private and the sensitive information that the
client store on a network. In terms of cloud computing, securing the data as well as all the private
and sensitive data are the rights of human. In terms of cloud computing, privacy of cloud occurs
accordingly to the model of cloud deployment (Inukollu, Arsi and Ravuri 2014). In case of
public cloud, the cloud is a dominant architecture when it comes to cost reduction. But when a
user relies on the Cloud Service Provider for managing as well as holding the information of
customer, there comes many privacy concerns that can be dealt with. The privacy concerns that
are related with private cloud computing are discussed below.
Lack of control for users- In a SAAS environment, the service provider is much more
responsible for controlling the data. There are many ways by which a customer can retain
the data and when the information is being processes or is stored. This is a legal
requirement and this makes a trust between the customer and the vendor. The user
sensitivity paradigm as well as processing of data in cloud of the systems. This leads in
misusing of data that is left for illegal as well as theft (Manogaran, Thota and Kumar
2016). The cloud service provider also cannot guarantee the subject of data to be safe
from any other outside access or any other outsider can access the data and delete them
without the permission of the user. If this happens, it is very difficult to retrieve the data
from cloud as well as avoid a vendor lock in.
Secondary Usage that are unauthorized- Many threats can occur if the information is kept
for illegal use. The standard business of cloud computing helps the business provider to
achieve profits from the authorized secondary of data which mostly targets the
commercials (Porambage et al. 2016). Secondary uses do not possess barriers for the
secondary uses of data. Moreover, there is a connected issue related to the financial
flexibility of the Cloud Service Providers. Example of issue related to the financial

17RESEARCH PAPER
flexibility includes possibility of the vendor termination, and if the provider of clou
computing is bankrupted. There is another way where some other companies may also
get the data of the cloud service providers.
Data Proliferation as well as Transborder Data Flow- Lučić, Boban and Mileta (2018)
illustrated one main attribute of the cloud is the Data proliferation. This involves
involvement of several companies and not controlling or managing the data owners. The
vendors can be guaranteed with an ease by using the data by copying the data in different
datacenters. The vendor guarantee can use the copy of data in many datacenters.
Duplication of data is very difficult to ensure or the backups that are not stored or is
processed with certain authority. If some research is made, then all the copies of the data
can be deleted. Because of the movement of the data, the Cloud providers exacerbate
with the transborder of the data flow. This is because it can difficult to ascertain the
specific server or the storage device that will be used as dynamic nature of the
technology.
Dynamic Provision- The cloud has many vibrant nature. So, there can be clear aspect
which one is legally responsible for ensuring the privacy of the sensitive data by the
customer on cloud.

18RESEARCH PAPER
Figure 3: Issues of Cloud Computing
(Source: Manogaran, Thota and Kumar 2016)
Security Issue
There are security issues that the cloud computing provides. The public cloud increases
the privacy issues but there is no security concern (Weber 2015). Some security concerns that are
involved in cloud computing are discussed below:
Access- Security of has threat for accessing all sensitive information. There always
remains of risk for data theft from a machine which has more chances in the cloud environment
of the data stored in the cloud for a long duration of time because any hacker can access the data
of cloud.
Controlling the data lifecycle- For ensuring the customer which has control over the data
of the data is removed or is deleted by the vendor that cannot regain the data (Kertesz and Varadi
2014). In a cloud PAAS and the IAAS models, there virtual machine that are used for processing
and the media can be wiped. Still there remains no surety that cannot get the data.
3. Methodology and Approach
3.1 Outline of the Research:
The research methodology is mainly based on previous literature study that deals with the
current security and privacy issues of cloud computing in the field of financial sector. The
research outline includes Research Philosophy, Approach of the Research, Research Design,
Procedure of Data Collection, and Data Analysis method. The research study is conducted with
secondary sources of data collection method where qualitative as well as quantitative data from
different articles are being studied to find out the security and privacy issues of cloud computing
(Vogel 2014). The philosophy used to carry out this research is interpretivism philosophy. The
approach that is used in this research methodology is inductive approach where new theories as
well as new frameworks are developed. The research design that that is considered in this
research paper is explanatory research design in which the researcher researches the security and
privacy issues of cloud computing in financial sector and the impact of GDPR on them. The data
collection procedure that is used to carry out the research paper is secondary method of data

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

19RESEARCH PAPER
collection and the data analysis method that is used is quantitative data as well as qualitative data
for analyzing the security and privacy issues of cloud computing.
3.2 Research Philosophy:
There are mainly two types of research philosophy that are used for research
methodology. To study the security as well as privacy issues that are related with cloud
computing in financial sector. There are mainly two research philosophy that is generally used
for research methodology. The research philosophy are positivism philosophy and interpretivism
philosophy. To carry out this research study interpretivism philosophy is used. This philosophy
is used for conducting a research that mainly follows all scientific data that are available for the
research. All such data related to cloud computing in financial sector are evaluated through
interpretivism philosophy. Mostly all the data that are stated by other authors are stated in this
interpretivism philosophy and involvement of human is not considered (Phaphoom et al. 2015).
From the interpretivism philosophy, the analysis of cloud computing is stated clearly in this
research paper that deals with security and privacy issues. Many elements are interpreted with
the involvement of interpretivism philosophy in the research analysis. Naturalistic data collection
approach is used in this research paper that includes studies from other articles, emerge the
meanings towards ending the research process. All logical techniques are utilized as social
research think.
3.3 Approach of Research:
For analyzing a research study, mainly two approach is used by the researchers. The
approaches are deductive approach and inductive approach. Deductive approach is mainly top-
based approach in which a large amount of information is achieved while conducting the
research. This approach helps to review the composing flow and also meet up all vital hypothesis
with the objective that is related for the case study. Inductive approach of research analysis
includes new framework and new theories that are needed to be developed. Inductive method
helps to examine the fundamental period if investigation along with true objective. Requirements
of the Inductive approach are developed through imperative theory to progress other speculation.
To carry out the analysis of this research study, the deductive approach is used that helps
to utilize the distinctive type of truths as well as employments for cloud computing in financial

20RESEARCH PAPER
sector. This deductive approach also helps to find out all the privacy issues and security issues
that are related to cloud computing in financial sector. This deductive approach also states
involvement of GDPR on security and privacy issues of cloud computing in financial sector.
3.4 Research Design:
Research design analysis is generally a systematic approach in which the researcher
conducts some scientific study. In research design, all the identified components are
synchronized and the data results in plausible outcome. Mainly three types of research design are
used for analyzing the data for a research study namely, Exploratory Research, Descriptive
Research, and Evaluation Research. In exploratory research design, the researcher explores what
the research paper deals with and how the research will be conducted (Avram 2014). In
Descriptive Research Design, more details is studied about the research work. The researcher
knows in more details about the research study. Explanatory Research explains the main subject
of the research and addresses the questions about what, why and how the research problem is
solved.
For getting the result of this research paper, the research design that is used is
explanatory. This research design helps to get all the information about cloud computing in
financial sector and also can address about issues of cloud computing in financial sector. This
exploratory research also helps to find out how to mitigate the issues of cloud computing in the
specified sector and the use of GDPR in solving those issues. By selecting this research design,
makes the design flexible, efficient and makes the research design more appropriate.
3.5 Data Collection Procedure:
Generally, for collection of data while carrying out a research study, there are two types
of data collection procedure. Primary data collection method and secondary data collection
method. In primary data collection method, there are questionnaires, interviews that are held,
group discussions, as well as observations. The researcher collects the data by their own by
organizing interviews and questionnaires (Tao et al. 2014). On the other hand for secondary data
collection method, the data that the researcher collects are collected from documents, reports and
well as other articles.

21RESEARCH PAPER
In this methodology, secondary data collection method is used in which all the detailed
information about cloud computing are corrected from other articles, books from libraries,
journal articles, Internet search as well as other internet gateways. For carrying out the research
study with secondary data collection method, only the information that are essential are gathered
for examining the issues of cloud computing in financial sector. To carry out the research study,
all such journal articles are used including newspaper, yearly reports and other sources of
auxiliary information are used.
3.6 Data Analysis Method:
Two types of data analysis methods are used for carrying out methodology of a research.
The data analysis methods are qualitative data analysis and quantitative data analysis. All
information that are gathered from the interviews or group discussions are known as qualitative
data. These data are generally used to compare as well as think critically with finding of
literature review (Inukollu, Arsi and Ravuri 2014). The qualitative method includes
understanding the underlying reasons, motivations, as well as opinions that are collected from
the analysis. Whereas, in quantitative research, numerical data are collected that are to be made
into usable statistics. Quantitative data is used to quantify the attributes, behaviors, opinions as
well as all other defined variables.
To carry out the research study and analyzing the results related to GDPR on security and
privacy issues of Cloud computing on financial sectors, quantitative data analysis is used. For
analyzing the data many online surveys are studied, newspaper are analyzed.
4. Result and Discussion
The financial industry of Europe is in early stage for the adoption of cloud. Many of the
financial industries mainly use limited range of the cloud computing services. The approach of
services based on cloud is not that much strategically placed, but some of the organizations are
not even aware of the cloud service they are taking. The below chart shows that almost 88% of
the financial industries, until 2015 are taking the service of cloud computing. Out of the 88%,
only 81% of the industries are aware of the fact that they are using cloud computing services in
their business process. According to Siu et al. (2015), the survey that was organized only one

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

22RESEARCH PAPER
organization out of the four organization knew that their business units are using services that are
cloud based without the involvement of respective technological department.
Figure 4: Financial Industries using Cloud Computing
(Source: Naydenov et al. 2015)
The financial sector have adopted the services based on cloud on a low maturity level.
Among all the finance sector that are taken for conducting survey of the taken research paper,
only 50% of the industries in finance sector are using the service of cloud explicitly. The
common approach that is used by the finance sector is hybrid Public Cloud and hybrid Private
Cloud. Some of the organizations even use the service of cloud computing as testing
environment and also to develop better usage of hybrid Public Cloud. Public Clouds are used by
the finance industries as a testing bed for all the new applications.
According to Naydenov et al. (2015), the survey that was conducted in the taken research
paper, only 8% of the total finance industry has Private Cloud Computing service policy. The
main reason for using the Private Cloud is the privacy as well as compliance concerns. The
Private Cloud also provides confidence for the business requirement of organization. According
to the survey conducted, almost 92 % of the total organization in the finance sector have started
using the strategy of Public Cloud as well as Private Cloud both for the external as well as
service for in house information technology (Mosco 2015). This increases the amount of
adopting cloud service. From the study it can also be stated with the implementation of cloud
computing, there is a particular prudency level when cloud computing deals with critical

23RESEARCH PAPER
services. Nearly 42% of the organizations in the finance industry do not have explicit strategy of
cloud or is in the developing state.
Figure 5: Challenges faced by Cloud Computing
(Source: Sharma et al. 2017)
As stated by Schoenen, Mann and Metzge (2017), in his article, there are many reasons
for which the finance industry do not have well cloud strategy. The reasons for which there is no
cloud computing are listed below:
 There are restriction for regulation for which the finance industries avoid of using cloud
in their business processes. Up to 50% of the industries do not use cloud computing for
this reason.
 Lacking of strategic approach because of cloud computing also prevents the industries to
use them.
 The cloud also does not provide concern notification for the public breach.
 Some of the industries even doubt about the working of cloud computing. So, they do not
use the services of cloud.
 Some of the organizations do not use service of cloud computing because they has lack of
interest for accessing the opportunities of cloud. According to the survey conducted, only
10% of the industries lack interest about cloud computing strategies.

24RESEARCH PAPER
After all the reasons for not adopting cloud computing by the organizations in the
industrial sector, 8% among them do not use cloud computing strategy because just they do not
want to adopt or might be because of less time and less resources available with them.
This paper by Naydenov et al. (2015), also states many reason for adopting the no cloud
approach by some of the companies in the financial sectors. The listed points below shows the
reasons for not implementing cloud computing in their business processes.
 For the security concerns many industries do not trust to use the service of cloud
computing.
 There also remains the privacy concern which prevents the industries for using the
strategies of cloud computing.
 There remains regulatory compliance or legal compliance.
 Cloud computing also involves internal policies.
From the survey conducted, the below two figures show the usage of public cloud services
and the private cloud service in the industrial sector.
Figure 6: Implementation of Public cloud based services
(Source: Naydenov et al. 2015)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

25RESEARCH PAPER
Figure 7: Implementation of Private cloud based services
(Source: Weber 2015)
From the above two diagrams, a comparative study can be done related to the Public
cloud provider and Private cloud provider. It can be analyzed that Cloud Service Providers
(CSPs) believes that the Public Cloud is very appropriate for Financial Industries and according
to National Financial Supervisory Authorities (NFSAs), Financial Industries should use Private
cloud. According to the survey, the feedback that is given by the FI (Financial Industries) is they
prefer mostly the email management system in a Public cloud instead of using Private cloud. The
financial sector also have stated that both the public cloud as well as private clouds are much
more suitable environment for the development of application and testing of application (Ifinedo
2014). The point where FI, CSPs, and NFSAs is the security of the using the security element for
the mobile. From the point of CSPs, the mobile security can be moved in public cloud that is
mainly offered by Security as a Service. From the NFSA viewpoint, the mobile security service
can be provided by Private cloud, and by FIs, both the Public as well as Private cloud provides
elements of mobile security.
From another article, according to the survey conducted by the IDC (International Data
Corporation) states that strength of the cloud computing that is to be implemented in the industry
of Information Technology, and this also gives inspiration to the Cloud Service Providers
(CSPs). The survey that is conducted in this research paper relates with the growth of cloud, and
also deals with the security aspect of the cloud computing. Cloud is considered to be the first
priority to all vendors, current and future usage, revenue report, the user’s state of cloud and the

26RESEARCH PAPER
popularity survey related to cloud computing. According to the survey, the figure below shows
the survey result on the security of cloud.
The figure 4 below represents the security as the first rank according to the IT executives.
The survey that is conducted is collected by conducting a survey with 263 IT professionals. The
IT professionals were asked different questions that are related to cloud and from the data
collected from the IT professionals and the executives, it can be clearly analyzed that the
professionals of the IT are most of the time worried about the security of the cloud they are using
in their business processes.
Figure 8: Survey on Security of Cloud Computing
(Source: Weber 2015)
According to the survey, Figure 5 below states that among all the technologies, cloud
computing is considered as first ranking technology. The data in the survey conducted is mostly
collected in the year 2010 by International data Corporation (IDC). The survey report shows that
importance of cloud computing in the financial sectors.

27RESEARCH PAPER
Figure 9: Technology priority of Cloud Computing in Financial Sectors
(Source: Weber 2015)
Taking security into consideration, the survey that is conducted consists of the security
issues that is related to cloud computing mainly in the financial sectors. As stated by NFSA,
there always remains a risks to Information Technology in-house can be controlled much easily
and the operations can be managed compared to cloud. The survey considers security as the key
consideration for adopting the cloud services (Sheikhi et al. 2015). The survey that was
conducted in the taken research study was carried out by asking questions to different
respondents. The respondents were asked to rank the common security risks from rating the risks
from one (least security concern) to five (highest security concern).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

28RESEARCH PAPER
Figure 10: Security of Cloud Computing Ranking
(Source: Rittinghouse and Ransome 2016)
According to the Financial Industry, the survey that was conducted states that there are
many security concerns related to the services that are cloud based. The Financial industries have
security concerns that are mostly related to cloud services and the FI industry are more
concerned about the data confidentiality, the compliance related, the data breach and the legal
issues that are related with cloud computing. According to NFSA, there is a loss from
governance, there is lack of transparency as well as features that lacks in auditing are the
additional risks associated with the cloud computing with those mentioned by the Financial
Industries. From the survey, it can be analyzed from the diagram that service providers of cloud
discusses security similar to that of FI including data beach, availability as well as integrity as
top most in the list. It can also be noted form the survey that there is a lack of the forensic
capabilities is not the relevant issue of cloud computing and there are many other risks as well
that are less relevant to that expressed by FIs and the NFSAs.
The figure 7, the challenges that are faced by the Cloud Service Providers and the
Financial Industries for adopting the service of cloud in their industries. From the survey

29RESEARCH PAPER
conducted, it can be analyzed that there are divergent opinions among the parties that are
involved (Smith, Bhogal and Sharma 2014). From the viewpoint of Financial Industry, the
regulatory obligations are the most important and the biggest challenge that are faced during
mitigation of the services that are cloud based. From the view of CSPs, the main challenge that
are faced is while migrating the trading solutions that are of high frequency. So, their opinions
about the challenges related to cloud computing is different.
Figure 11: Challenges faced by Cloud computing to services of cloud computing
(Source: Rittinghouse and Ransome 2016)
To mitigate the challenges that are faced by cloud computing by FIs and the CSPs, there must be
involvement of security requirements. In context of solution o high frequency trading solutions is not a
challenge to the financial industries. This is because the FIs are not planning to move the applications to
cloud. The FI also recognize that collection of log and analysis of cloud is most probably an issue that are
related with the Public Clouds. The CSPs have different opinion in this contrast. The CSPs believes that
the challenge that is related with the log collection is not at all relevant. Figure 8 shows the result of
survey related to the challenge that is faced by the cloud computing.
The financial industries are not able to get the specific risks that are related to cloud computing
and the NFSAs requires supervised institutions for identifying, migrating as well as assessing the risks.
While conducting the survey, about 46% of the respondents who were involved in the survey developed
risk assessment of cloud computing which is also known as corporate risks assessment (Sharma, Bansal
and Sharma 2015). Financial industries without developing strategies of corporate risks management for

30RESEARCH PAPER
cloud computing. Almost 42 % of the total industries in financial sectors do not have cloud strategy that
are fully structured.
Figure 12: Challenges faced by Cloud computing to services of cloud computing
(Source: Porambage et al. 2016)
A survey was also conducted to find out the mitigation process that the respondents are g-
facing or the processes that the respondents are suggesting about mitigating the security issues
faced by the cloud computing in financial sectors. Cloud Service Providers confirms that the
Financial Industries mainly asks for security measures, permission for deep auditing, permission
of there is any incident, and not moving the data of client to cloud.
For mitigating the issues or risks that lies under cloud computing, the Financial Industry
is mainly willing to engage the cloud service that offers particular functions and specific
functions. Some functions and some features are needed to improve the trust. Other features are
needed to improve the security as well as for compliance purpose.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

31RESEARCH PAPER
Figure 13: Mitigating the issues of cloud computing
(Source: Rittinghouse and Ransome 2016)
The GDPR (General Data Protection Regulation) of Europe also plays an important role
in maintaining the security issues of cloud computing in financial sectors. The GDPR mainly
regulates about how the technologies creates as well as processes all the personal data involved
and offers protection for most of the users or participants. The GDPR also regulates the amount
of data that are collected and the data processed, shared, stored as well as increasing the re-using
of data dramatically.

32RESEARCH PAPER
Figure 14: Security Risk Associated with Cloud Computing
(Source: Sharma et al. 2017)
As stated by Sharma et al. (2017), the concept of cloud computing provides beneficial
service as well as cost effective models for different users but there are many security issues that
are related with the usage profile of the user and data application. There are big challenges which
are related with the security as well as privacy issues and to address them is a big challenge. The
performance of cloud computing is mostly affected by these security issues and privacy issues.
Figure 15 shows the security issues that are associated with cloud computing. There are many
mechanism that solves the problem of security issues which involves authentication mechanism,
cryptography techniques, and virtualization. When the data, web applications, services, and
controls are available to the cloud system, the control over the cloud computing is lost. There are
many environment such as data privacy, authentication, confidentiality, internet protocol,
encryption, compliance, personal privacy, and integrity where the IP services are not trusted.
SLA (Service Level Agreement) in between the user and the service provider is used in cloud
computing which in addition also has risk of virtualization, auditing the processes, compliance
law, regulations, third-party management, non-availability of the good standards.

33RESEARCH PAPER
Figure 15: Technical Cloud Computing Risks
(Source: Sharma et al. 2017)
The figure above shows the cloud computing risks that are associated with the data and
the security issues of primary risks for the recovery that in a cloud computing environment, data
and security of data is the primary risk area whereas disaster recovery is the second critical risk
area.
Summary:
From the survey analysis, it is already been studied that about 92 % of the industry in
financial sector have started using cloud computing. The concept of GDPR is prescriptive related
to the Cloud Computing that clarifies roles as well as responsibilities of the processor and the
controller. The GDPR also clarifies the mandatory contract, responsibilities in sub-contracting as
well as data transfer across the countries. According to the survey related to the impact of GDPR
in cloud computing in financial sectors. The respondents or the participants have mentioned
some of the roles mentioned above in their survey. Their concern were noted down that were
particularly with respect of data ownership, profiling, data merging and data location related to
the readiness of GDPR in finance companies related to cloud computing.
The technologies of cloud computing along with unlimited capacity and lower cost are
linked closely with Big Data and the artificial intelligence. There are many revolution of big data

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

34RESEARCH PAPER
that consists of algorithm analysis, data availability from IoT as well as data mining for the
applications. The concept of GDPR includes Big Data in consideration.
5. Analysis and Conclusion
Analysis:
For analyzing of security issues of cloud computing in financial industries, many research
papers are considered in which the authors have carried out different surveys to find out the
importance of cloud computing in financial sectors. The authors have also successfully found out
the main areas where the financial sectors faces problem in cloud computing. The financial
sectors faces problems related to cloud computing and there is need to solve the reason for
security as well as privacy issues of cloud computing. The authors involved in those research
papers have clearly surveyed the reason of issues involved in cloud computing and the ways to
solve them. From the survey that were carried out, many ways of solving the issues were studied
from the respondents which can successfully solve the issue of cloud computing in financial
sectors.
Some of the reasons that possesses the challenges for adopting cloud computing services
are stated in the taken research paper. While conducting the survey, the authors asked the Cloud
Service Providers as well as Financial Industries about the challenges that were faced by them.
The CSPs and the FIs have different views on which they faces problems related to cloud
computing. The viewpoint of Financial Sectors was different from that of Cloud Service
Providers. According to the FIs, the biggest problem that they face is from regulatory obligations
that takes place while migrating the services of cloud in their business processes. However, for
Cloud Service Providers, the main area of problem or issues that they face is migrating a trading
solution that is usually of high frequency. Where the trading solutions are not considered as a
problem to the industries in financial sectors. The financial sectors are not moving the
applications of trading solutions in cloud storage. According to the financial sector, the main area
where they face problem is the area of log collection and analyzing the cloud creates a problem
in the finance industries. They find storing log collection difficult in cloud, specifically in public
clouds. Whereas, the Cloud Service Providers do not face this problem. This difference in
opinions seems in reflecting the need of the financial industries to remain in direct control of
what is happening in the cloud.

35RESEARCH PAPER
The service provider of cloud confirms that the Financial Industries has the need of
implementing the security measures, give permission if there is some incident, deep auditing as
well as moving the data of the client to cloud. If the incidents are not from the Financial
Industries, then penalty clauses are imposed.
Some of the smaller service providers of cloud provides isolating answers from the
European leading providers. From the survey it can be stated that the Financial Industries
demands more from the demands of the Cloud Service Providers. The FIs requires permission of
deeper auditing in case there occurs some incidents. The Financial Industries do not move the
cloud data in the clouds that are provided by smaller cloud providers. Financial sectors enforce
penalty if some incidents takes place while taking the service from small service providers of
cloud. This case is different from big service providers. According to the statistical data that was
collected by the author, it cannot be statistically significant as because the sample that was taken
for conducting the survey was very small. So, there is not specific statistical data for this survey
conducted.
From the study, Mathkunti (2014) have analyzed that the NFSA have many concerns
about adopting the services of cloud computing by the Financial Industries. The concerns that are
taken into account reflects the fact that the NFSA mainly requires the Financial Industries so that
they can follow some requirements of strict security, which starts from security measures of risk
assessment which are needed to be implemented.
Conclusion:
From the research papers, it can be stated that the stringent requirements and the
supervision done by NFSA, one of the operating requirement that is crucial to implement is
compliance. The adoption of cloud computing is mainly considered within context for
maintaining the regulatory compliance. From the study, it can be found that all the organizations
approaches assurance compliance with the cloud providers through some means. The means
through which compliance can be assured is stated below:
 92% of the compliance comes from specific contract.
 83% comes from SLAs.
 71% comes from certification.

36RESEARCH PAPER
 29% from audits.
While conducting the survey, two challenges were caused while conducting the
interview. The challenges that were faced by the Financial Industries while conducting the
interviews are discussed below:
There was lack of negotiation power as the financial industries were not having the power
required to negotiate that particular specific clauses of contract with bigger service
providers of cloud.
There was also limited perceive power in the certification area of the financial industry.
When there is high value of attestation, there remains a mixed feeling of the certification
regarding the services of cloud. There are many consensus as well in which the
certifications provide very high value and are considered as good means for the Cloud
Service Providers for ensuring the compliance with the standards. There are many
financial players in market who are skeptical in existing the schemes of cloud
certification. This happens because of information lack about relevance of standards of
cloud security in the financial market. Later on, a clear awareness gap was suggested
since the governance and the assurance standards are developed and are mainly aimed at
cloud that already exist. The governance and the assurance standards that were suggested
are considered to be matured for its adaptation. Meddeb (2016) PCI-DSS46 and ISO
2700145 are two common standards that are used but different financial industries
express the framework of cloud-specific certification that would be more helpful
approach to the compliance.
There are two particular tools that needs to support the security awareness in cloud. The
two particular tools are discussed below:
CCSL (Cloud Certification Schemes List) - This is a list that consists of existing
certification schemes that are related to the customers of cloud computing. This CCSL
scheme provides all the potential customers by giving an overview related to the
objective characteristics on each scheme. This helps the customers to understand the
working scheme of the services of cloud computing and also states whether the scheme is
actually right for the business processes involved. CCSL scheme is continuously updated
and improved along with the stakeholders from the financial sectors.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

37RESEARCH PAPER
CCSM (Cloud Certification Schemes meta-framework) – This is a particular tool frame
work that helps to collect the security requirement of the public sector and then groups
them in total of 27 objectives of security. The security objectives are also mapped against
schemes of cloud certification included in CCSL. The main aim of CCSM is providing a
more transparency and then helps the customers in public sectors along with procurement
of the services of cloud computing.
Analyzing and studying all the surveys and reports discussed by many authors, it can be
concluded that Cloud computing has mainly caused a debate compared to any other technologies
advancements. The concept of cloud computing is increased tremendously in the financial
services according to the study of last two years. The growth of cloud computing in the financial
sector generally requires vendors as well as firms to overcome the challenges together. The
Financial institutions mainly realize the main benefits of the processes of cloud computing that
lowers the cost as well as helps to do the work faster adopting to the solution of cloud without
regulatory mandate. The major shifts in the technology generally takes years to make an impact
and the migration of the core application of the financial services to cloud usually takes some
time.
After completing the research study, this paper details the security consideration as well
as the challenges that are currently faced by the cloud computing sector in the financial sectors.
There may be involvement of technical challenges related to cloud computing in the financial
services. This helps to build an effective as well as comprehensive cloud strategy. This research
paper deals with qualitative as well as quantitative data collection methods that are collected
from many research papers. The financial institutions are developed as well as adopting the
strategies of cloud within the organizations. The strategies that are involved for adopting the
hybrid clouds which consists of data centers with the private clouds. The challenges that most of
the financial institutions are all described in this research paper along with the mitigation
techniques. The challenges in the financial institutions because of the cloud computing are stated
along with mitigation measures that are available for the private cloud services.
Recommendations:
Dove et al. (2015) also talks about the mitigation measures of the services of cloud
computing. It can be analyzed that the major of the respondents have requested the Cloud

38RESEARCH PAPER
Service Providers for implementing some particular clauses of contract that includes developing
the exit strategies, right to audit, information assurance as well as security certifications, SLAs
that are clearly defined and implementing through security measures. It can be analyzed that the
NFSA has much strict approach compared to the financial industries. This is done because of its
nature is not only to make profit, but its nature id prudence based. The clause of contract are
much less reluctant about moving the data of the client taking as consideration as risk assessment
that has to be performed and risks can also be mitigated. The percentage of the financial industry
who have not entered the data of the client to cloud is to be consistent with total number of
financial industries who do not have any corporate risk assessment for services of cloud.
Bruin and Floridi (2017) states that there are many technological risks that are involved
in the Cloud computing of financial sector. In recent days, there are different innovations of
technology in the areas that includes the card payment, system virtualization, as well as mobile
technology that helps to expand the business offerings as well as customer reach in the financial
institutions. The Information Technology that are out sourcing have become attractive to
Financial Industries because of abundance of services in outsourcing. The backdrop of increased
reliance on the complex system of information technology and the operations in financial sector
is the most important risk of the cyber-attack and the system disruptions. In this context, the
Financial Industries that are expected to be continued so that they deepen the risk management
capabilities of the technology and can be ready for handling the Information Security incidents
and the system failures.
To make better guidance as well as enhancing the better address and guide of the
emerging technology risks that are related to the Financial Industries two guides have been
introduced. There are MAS Internet Banking as well as Guidelines of Technological Risk
Management (Chassang 2017). There are single set of guidelines that are implemented with the
past circulars on the endpoint security and the data protection, availability, recoverability, as well
as reliability on information system. There is a new guidelines that has termed as “Technology
Risk Management Guidelines” in the research paper for reflecting the purpose in a better way.
Along with the new guidelines involved in the system, MAS issued a Notice that defines
set of legal requirements that are related with the risk management of the technologies in
Financial Industries. These includes the requirements for reliability, recoverability, and

39RESEARCH PAPER
availability for the Information technology system and the Financial Industries are to implement
the IT controls for protecting the information of the customer from accessing the unauthorized
information.
It can be concluded that cloud computing is an adopted technology in the financial
industry of Europe. The implementation and the adoption of cloud computing in the financial
sector are not much mature. There are many security issues that are involved in the cloud
computing. A vast major industries in the financial institutions mostly rely on the in-house
infrastructure. The financial sector and the supervisory authorities have some clear view on
technical as well as financial benefits that are related with both private as well as public cloud
service infrastructure. There are many deployment models as well but all should have the risk
management strategies and should have risk control that are related to the information assets.
Among all, the most important as well as common approach that is used by the Financial
Industries is commonly a hybrid cloud infrastructure that is made from the Public cloud as well
as Private cloud computing infrastructure. The services that are offered are most often migrated
to cloud that includes the test environments as well as email management. It can also learnt that
the Financial institutions are mostly considered that the Private cloud is better fit for all the
financial market because of the compliance concerns as well as privacy concerns. The concept
of private cloud is mostly supported by the NFSA (National Financial Supervisory Authorities)
because the private cloud provides more control over the operations and the data protection.
There are many number of different sources that helps to understand the use of cloud service in a
better way in the financial sector. The analysis that is made in this research paper includes many
recommendations in the financial sectors, cloud service providers that should for making the
service of cloud computing safe in the finance sector.
Limitations:
Each research study can face problem and these problems only restricts to carry a better
research work. Many issues can be avoided by researchers while carrying out this research study
but there are some issues that the researchers cannot avoid. The limitation of cloud computing
related to security and privacy issues of cloud computing is that more number of research papers
may have been taken for carrying out this research paper. The time that was given for data
collection and data analyzing was very short. More time could had been provided for carrying

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

40RESEARCH PAPER
out this research paper. The challenges that are faced by the researchers while carrying out this
research paper is detailed below:
Time Constraints: Time is the major issue that is faced by researcher while conducting
the research study. There is limited time for the researcher for collecting data which could
basically increase acceptance level of research study. Because of time, many information which
were important was not used by researcher.
Reliability of data: For the data collection method, only the secondary data was taken
care of ignoring the primary data fully. There was no primary data collection method carried out
for this research paper. So, it was not possible for the researcher to study the real fact which
would have been very much useful for the research work. So, the researcher only conducted
secondary data research for carrying out this research study.
Using of information: Using of information was also a limitation in this research paper
as for collection of data, mainly the data of FTSE 100 Index was analyzed. The researcher was
not able to use any other source which might be effective for analyzing this research.
Future Work:
This paper may help to carry out this research topic to a wider range by concentrating
more on GDPR issues of cloud computing in financial sectors. This paper may also be helpful to
other researchers as well as the data that are collected may be helpful for future study. This
research was done with best effort by the researcher but with such less time the analysis was not
possible to do properly. Investing more time could have made this paper more impressive. To
carry out this research study, more time is needed in future. Using of data only from FTSE 100
Index, the researcher can also use information from ROA or from ROI which can help to
measure the performance as well as increase the success level of the research. More independent
variables can be selected by the researcher to make the study more effective.

41RESEARCH PAPER
References
Al-Badi, A., Tarhini, A. and Al-Kaaf, W., 2017. Financial Incentives for Adopting Cloud
Computing in Higher Educational Institutions. Asian Social Science, 13(4), p.162.
Avram, M.G., 2014. Advantages and challenges of adopting cloud computing from an enterprise
perspective. Procedia Technology, 12, pp.529-534.
Chang, V., 2014. The business intelligence as a service in the cloud. Future Generation
Computer Systems, 37, pp.512-534.
Chassang, G., 2017. The impact of the EU general data protection regulation on scientific
research. ecancermedicalscience, 11.
de Bruin, B. and Floridi, L., 2017. The ethics of cloud computing. Science and engineering
ethics, 23(1), pp.21-39.
De Hert, P. and Papakonstantinou, V., 2016. The new General Data Protection Regulation: Still a
sound system for the protection of individuals?. Computer Law & Security Review, 32(2),
pp.179-194.
Demchenko, Y., Blanchet, C., Loomis, C., Branchat, R., Slawik, M., Zilci, I., Bedri, M., Gibrat,
J.F., Lodygensky, O., Zivkovic, M. and de Laat, C., 2016, April. Cyclone: A platform for data
intensive scientific applications in heterogeneous multi-cloud/multi-provider environment.
In Cloud Engineering Workshop (IC2EW), 2016 IEEE International Conference on(pp. 154-
159). IEEE.
Dove, E.S., Joly, Y., Tassé, A.M., Burton, P., Chisholm, R., Fortier, I., Goodwin, P., Harris, J.,
Hveem, K., Kaye, J. and Kent, A., 2015. Genomic cloud computing: legal and ethical points to
consider. European Journal of Human Genetics, 23(10), p.1271.
Dzombeta, S., Stantchev, V., Colomo-Palacios, R., Brandis, K. and Haufe, K., 2014. Governance
of cloud computing services for the life sciences. IT Professional, 16(4), pp.30-37.
El-Gazzar, R., Hustad, E. and Olsen, D.H., 2016. Understanding cloud computing adoption
issues: A Delphi study approach. Journal of Systems and Software, 118, pp.64-84.

42RESEARCH PAPER
Gai, K., 2014. A review of leveraging private cloud computing in financial service institutions:
Value propositions and current performances. International Journal of Computer
Applications, 95(3), pp.40-44.
Gai, K., Du, Z., Qiu, M. and Zhao, H., 2015, November. Efficiency-aware workload
optimizations of heterogeneous cloud computing for capacity planning in financial industry.
In Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference
on (pp. 1-6). IEEE.
Gai, K., Qiu, M., Thuraisingham, B. and Tao, L., 2015, August. Proactive attribute-based secure
data schema for mobile cloud in financial industry. In High Performance Computing and
Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and
Security (CSS), 2015 IEEE 12th International Conferen on Embedded Software and Systems
(ICESS), 2015 IEEE 17th International Conference on (pp. 1332-1337). IEEE.
Gangwar, H., Date, H. and Ramaswamy, R., 2015. Understanding determinants of cloud
computing adoption using an integrated TAM-TOE model. Journal of Enterprise Information
Management, 28(1), pp.107-130.
Gutierrez, A., Boukrami, E. and Lumsden, R., 2015. Technological, organisational and
environmental factors influencing managers’ decision to adopt cloud computing in the
UK. Journal of Enterprise Information Management, 28(6), pp.788-807.
Hashem, I.A.T., Yaqoob, I., Anuar, N.B., Mokhtar, S., Gani, A. and Khan, S.U., 2015. The rise
of “big data” on cloud computing: Review and open research issues. Information Systems, 47,
pp.98-115.
Ifinedo, P., 2014. The effects of national culture on the assessment of information security
threats and controls in financial services industry. International Journal of Electronic Business
Management, 12(2), p.75.
Inukollu, V.N., Arsi, S. and Ravuri, S.R., 2014. Security issues associated with big data in cloud
computing. International Journal of Network Security & Its Applications, 6(3), p.45.
Inukollu, V.N., Arsi, S. and Ravuri, S.R., 2014. Security issues associated with big data in cloud
computing. International Journal of Network Security & Its Applications, 6(3), p.45.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

43RESEARCH PAPER
James, A. and Chung, J.Y., 2015. Business and industry specific cloud: challenges and
opportunities.
Kertesz, A. and Varadi, S., 2014. Legal aspects of data protection in cloud federations.
In Security, Privacy and Trust in Cloud Systems (pp. 433-455). Springer, Berlin, Heidelberg.
Li, Y., Gai, K., Qiu, L., Qiu, M. and Zhao, H., 2017. Intelligent cryptography approach for
secure distributed big data storage in cloud computing. Information Sciences, 387, pp.103-115.
Lučić, D., Boban, M. and Mileta, D., 2018, May. An impact of general data protection regulation
on a smart city concept. In 2018 41st International Convention on Information and
Communication Technology, Electronics and Microelectronics (MIPRO). IEEE.
Manogaran, G., Thota, C. and Kumar, M.V., 2016. MetaCloudDataStorage architecture for big
data security in cloud computing. Procedia Computer Science, 87, pp.128-133.
Maresova, P. and Klimova, B., 2015. Investment evaluation of cloud computing in the European
business sector. Applied Economics, 47(36), pp.3907-3920.
Martínez-Pérez, B., De La Torre-Díez, I. and López-Coronado, M., 2015. Privacy and security in
mobile health apps: a review and recommendations. Journal of medical systems, 39(1), p.181.
Mathkunti, N.M., 2014. Cloud Computing: Security Issues. International Journal of Computer
and Communication Engineering, 3(4), p.259.
Meddeb, A., 2016. Internet of things standards: who stands out from the crowd?. IEEE
Communications Magazine, 54(7), pp.40-47.
Mosco, V., 2015. To the cloud: Big data in a turbulent world. Routledge.
Naydenov, R., Liveri, D., Dupre, L. and Chalvatzi, E., 2015. Secure Use of Cloud Computing in
the Finance Sector.
Phaphoom, N., Wang, X., Samuel, S., Helmer, S. and Abrahamsson, P., 2015. A survey study on
major technical barriers affecting the decision to adopt cloud services. Journal of Systems and
Software, 103, pp.167-181.
Porambage, P., Ylianttila, M., Schmitt, C., Kumar, P., Gurtov, A. and Vasilakos, A.V., 2016.
The quest for privacy in the internet of things. IEEE Cloud Computing, (2), pp.36-45.

44RESEARCH PAPER
Qiu, M., Gai, K., Thuraisingham, B., Tao, L. and Zhao, H., 2018. Proactive user-centric secure
data scheme using attribute-based semantic access controls for mobile clouds in financial
industry. Future Generation Computer Systems, 80, pp.421-429.
Rittinghouse, J.W. and Ransome, J.F., 2016. Cloud computing: implementation, management,
and security. CRC press.
Schoenen, S., Mann, Z.Á. and Metzger, A., 2017, November. Using risk patterns to identify
violations of data protection policies in cloud systems. In International Conference on Service-
Oriented Computing (pp. 296-307). Springer, Cham.
Sharma, H., Bansal, H. and Sharma, A.K., 2015. Cloud computing. on: http://www. edureka.
co/blog/what-is-cloud-computing.
Sharma, P.K., Kaushik, P.S., Agarwal, P., Jain, P., Agarwal, S. and Dixit, K., 2017, October.
Issues and challenges of data security in a cloud computing environment. In Ubiquitous
Computing, Electronics and Mobile Communication Conference (UEMCON), 2017 IEEE 8th
Annual (pp. 560-566). IEEE.
Sheikhi, A., Rayati, M., Bahrami, S., Ranjbar, A.M. and Sattari, S., 2015. A cloud computing
framework on demand side management game in smart energy hubs. International Journal of
Electrical Power & Energy Systems, 64, pp.1007-1016.
Siu, L.L., Lawler, M., Haussler, D., Knoppers, B.M., Lewin, J., Vis, D.J., Liao, R.G., Andre, F.,
Banks, I., Barrett, J.C. and Caldas, C., 2016. Facilitating a culture of responsible and effective
sharing of cancer genome data. Nature medicine, 22(5), p.464.
Smith, A., Bhogal, J. and Sharma, M., 2014, August. Cloud computing: adoption considerations
for business and education. In 2014 2nd International Conference on Future Internet of Things
and Cloud (FiCloud) (pp. 302-307). IEEE.
Tao, F., Zuo, Y., Da Xu, L. and Zhang, L., 2014. IoT-based intelligent perception and access of
manufacturing resource toward cloud manufacturing. IEEE Trans. Industrial Informatics, 10(2),
pp.1547-1557.

45RESEARCH PAPER
Thota, C., Manogaran, G., Lopez, D. and Vijayakumar, V., 2018. Big data security framework
for distributed cloud data centers. In Cyber Security and Threats: Concepts, Methodologies,
Tools, and Applications (pp. 589-607). IGI Global.
Vogel, H.L., 2014. Entertainment industry economics: A guide for financial analysis. Cambridge
University Press.
Weber, R.H., 2015. Internet of things: Privacy issues revisited. Computer Law & Security
Review, 31(5), pp.618-627.