Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

Washington
Regulators warn of outsourced cloud computing risks
WASHINGTON (7/11/12)--Credit unions and other financial institutions should clearly identify and mitigate legal, regulatory, and reputational risks before they decide to use cloud computing for data storage and other computing purposes, the Federal Financial Institutions Examination Council (FFIEC) said in a Tuesday release.

In cloud computing, data are not held in one central spot, but are shared among different servers and locations.

Outsourcing to cloud computing providers can help reduce costs and improve the flexibility, scalability and speed of data use and storage, the FFIEC said. However, credit unions and other institutions should perform adequate due diligence before any moves to such systems are made, and should be aware of cloud-specific security and regulatory issues.

Cloud computing is another form of outsourcing, with the same basic risk characteristics and risk management requirements as traditional forms of outsourcing, the FFIEC said.

Financial institutions should assess the strength of any cloud computing firm's internal controls, and examine their own data security standards, before moving forward, the FFIEC suggested. Cloud storage could increase the frequency and complexity of security incidents, the FFIEC noted. The regulators said financial institutions and cloud computing providers should ensure that their firms effectively monitor their systems for security-related threats, and be sure to have appropriate forensic strategies for investigation and evidence collection in the event of a security breach.

Cloud computing also can create new compliance issues if customer data are stored or processed overseas. Overseas data storage can make it more difficult for financial institutions to assess compliance. Also, due diligence may be more complex and difficult in an environment where the cloud computing service provider processes and stores data overseas, the FFIEC warned.

For the full FFIEC release, use the resource link.
Other Resources

RSS





print
News Now LiveWire
#NewsNow Redwood CU branch manager will do double duty as mayor http://t.co/yRnkcQYrEG
20 minutes ago
.@PCUA PAC donors notch record $151K+, surpassing 2013 total
21 minutes ago
Cheney, La Pine, Middleman join @NCUFoundation board #NewsNow http://t.co/4C14PZpFf5
1 hours ago
Happy holidays! Here's your gift-report of another data breach: Staples between April and Sept, 1.16M cards at risk http://t.co/jDhJCkf3LC
2 hours ago
Maine credit unions put Food Mobile on the road to relieving hunger in rural areas http://t.co/R0xpt6BAZE
18 hours ago