As the cloud wins over the financial sector, keeping customers secure requires technology and talent

Digital disruption has arrived for notoriously cautious financial services firms. Applications are one of the most important competitive differentiators in the industry today, powering everything from accounting systems to transaction engines to the customer experience. 

What’s more eye-opening is that those apps are increasingly running in the cloud. Given that financial services companies have long been skeptical about making the move to cloud services, why are they shifting now? 

For starters, developing apps in the cloud enables institutions to get innovative new products and services to market faster, and this increased application velocity means they can keep pace with changing consumer expectations and differentiate themselves through new experiences. For financial firms today, offering a feature-rich, slick mobile app is an integral part of the overall brand.    

Another factor is increasing urgency to modernize. Many financial firms still rely on legacy technologies for back-end applications that move data and money. But lessons learned during the COVID-19 pandemic have shown the fragility of some older processes and may accelerate a full-scale transition to the cloud as institutions face increasing pressure to ratchet up innovation. 

However, emphasizing application development velocity at the expense of security can backfire, especially in an environment where so much change is happening so quickly. Rapidly iterating on apps without solid underlying security practices can expose vulnerabilities and put valuable account holder data and transactions at risk. 

As firms seek to balance these priorities, here are some key points to consider.

Know the risks

Security has become an even more pressing priority as cybercriminals exploit our increased dependency on digital services during the pandemic. As more transactions take place online, threat actors are constantly on the lookout for new vulnerabilities to exploit—using increasingly sophisticated attack methods. 

Those threats can come not only from cyberattacks, but also through a form of user entropy. Employees and customers may tire of multiple log-ins and other controls, and try to circumvent or abandon them for expediency. For example, many consumers still resist multi-factor authentication even though it has proven highly effective for preventing most types of attacks. 

Whether financial services firms are operating in the cloud or not, they need holistic application protection that stands up to a range of ever-evolving attack types. They also need a mix of controls that safeguard systems without wearing on users. The days of simply checking a series of security boxes should be well in the past. 

Choose the right technology stack

There is no one-size-fits-all approach to meeting account holder demand for convenience and innovation while minimizing risk. When it comes to successful application innovation, institutions can choose from a number of different strategies, each with a unique set of pros and cons. 

New services can be acquired through a merger or purchase, but this often entails a costly integration effort that can expose vulnerabilities along the way. Companies can invest in or establish partnerships with fintech firms, but these avenues can lead to gaps in custody over data. Alternately, the applications can be developed in-house, but the business must have the right talent and resources to do so. 

For firms that opt to innovate in-house, it’s imperative that they modernize infrastructure and solutions to achieve end-to-end automation across the application and API lifecycles. And whichever approach institutions take, they need the right automation tools to enable zero-touch application delivery, as well as a modern API management solution to boost security, reduce latency, and minimize gateway complexity for super-fast and secure network performance. 

This all starts with an evolved application methodology—using the right level of automation and immediately deployable infrastructures—to maximize security and performance. 

Hire the right talent

When mapping out a digital transformation strategy, financial services companies also must look beyond technology and think about human capital. This rule applies whether a firm is handling development in-house or partnering with a fintech firm to launch innovative products and services. 

Organizations should ensure they have software engineering and DevOps talent that is up to the job of developing new cloud apps and replacing legacy systems that have been in place for years. But as the digital transformation gathers speed, cyber-risk management is another top priority, and competition for talent in areas such as advanced threat management is becoming particularly fierce.  

This talent gap puts financial institutions in direct competition with tech giants such as Google, Amazon, and Facebook. While generous salaries, benefits packages, and bonuses are a must, a flexible people-first culture, meaningful work, and professional development opportunities can also give companies an edge in recruiting. 

The best developers also want to adopt agile infrastructure and work with the latest and greatest technologies, so firms need to demonstrate an unwavering commitment to innovation. 

Evolve your application architecture

Holding on to legacy infrastructure makes delivering modern, convenient apps much more difficult. A flexible, extensible enterprise application architecture (EAA) can help drive consistency and alignment to deliver, secure and serve modern apps at scale. 

An evolved EAA approach aligns innovation efforts with business strategy and supports easy integration of emerging technologies to help organizations stay agile. With the right EAA, developers can deliver modern applications swiftly and securely—regardless of location or device—and in compliance with standards and regulations. 

Having an EAA in place also opens up more opportunities to partner with service providers who have specialized expertise in complex financial services industry requirements.

With the foundation in place: innovate

Companies across every industry are under pressure today to deliver new apps and experiences and keep up with consumer demand. The good news is that application innovation and security don’t have to be at odds. 

By hiring the right talent and creating a secure, low-latency environment as part of a well-designed enterprise application infrastructure, financial service organizations can speed time-to-market for new apps and services without compromising security or performance at any stage of the application lifecycle.