Call for Paper - January 2024 Edition
IJCA solicits original research papers for the January 2024 Edition. Last date of manuscript submission is December 20, 2023. Read More

Best Practices for Securing Financial Data and PII in Public Cloud

Print
PDF
 
Download Full Text
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 183 - Number 40
Year of Publication: 2021
Authors:
Pankti Desai, Thaier Hamid
10.5120/ijca2021921737

Pankti Desai and Thaier Hamid. Best Practices for Securing Financial Data and PII in Public Cloud. International Journal of Computer Applications 183(40):1-6, December 2021. BibTeX

@article{10.5120/ijca2021921737,
	author = {Pankti Desai and Thaier Hamid},
	title = {Best Practices for Securing Financial Data and PII in Public Cloud},
	journal = {International Journal of Computer Applications},
	issue_date = {December 2021},
	volume = {183},
	number = {40},
	month = {Dec},
	year = {2021},
	issn = {0975-8887},
	pages = {1-6},
	numpages = {6},
	url = {http://www.ijcaonline.org/archives/volume183/number40/32192-2021921737},
	doi = {10.5120/ijca2021921737},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

The financial sector has been one of the more cautious industries when it comes to adoption of new technologies. However, considering the massive benefits and opportunities cloud adoption can potentially provide, financial institutions are now ready to get on to the cloud adoption journey. This introduces a number of challenges for these institutions around storage of sensitive financial data and personal identifiable information (PII) in public cloud.This research reviews the challenges faced by financial institutions in storing their financial data and PII in public cloud infrastructure and aims to derive best practices based on their learnings. Senior stakeholders from large UK organisations were interviewed for collecting details based on their real-life experiences. The learnings are then validated by comparing to the industry best practices. As a result, this paper provides insights into several best practices around storing sensitive data in the public cloud that will further guide other financial institutions adopting the cloud.

References

  1. Bahşi, H., Udokwu, C.J., Tatar, U., and Norta, A. (2018) Impact Assessment of Cyber Actions on Missions or Business Processes: A Systematic Literature Review, in: International Conference on Cyber Warfare and Security, Academic Conferences International Limited, United Kingdom, pp. 11-20,X-XI.
  2. Bird, D., (2018). Information Security risk considerations for the processing of IoT sourced data in the Public Cloud. Living in the Internet of Things: Cybersecurity of the IoT - 2018, [online].
  3. Borkar, P., (2019). IPS Security: How Active Security Saves Time and Stop Attacks. [online] Exabeam.
  4. Bruma, L., (2020). An Approach for Information Security Risk Assessment in Cloud Environments. Informatica Economica, [online] 24(4/2020), pp.29-40.
  5. Che, J., Duan, Y., Zhang, T. and Fan, J., (2021). Study on the Security Models and Strategies of Cloud Computing. [online]
  6. Chen, L., Takabi, H. and Le-Khac, N., (2019). Security, Privacy, and Digital Forensics in the Cloud. 1st ed.
  7. Coalfire, (2019). Cloud Security Intelligence Report. [online]
  8. Fink, A., (2019). Conducting Research Literature Reviews: From The Internet To Paper. Los Angeles, CA: Sage.
  9. Hamza, M., Abubakar, H. and Danlami, Y., (2018). Identity and Access Management System: a Web-Based Approach for an Enterprise. [online]
  10. Huang, D., Chowdhary, A. and Pisharody, S., (2020). Microsegmentation: From Theory to Practice. [online]
  11. HyTrust, (2021). Cloud Security Policy | Workload Security | HyTrust. [online]
  12. Iwasokun, G., Omomule, T. and Akinyede, R., (2018). Encryption and Tokenization-Based System for Credit Card Information Security. [online]
  13. Koch, R., (2019). What is considered personal data under the EU GDPR? - GDPR.eu. [online] GDPR.eu.
  14. Kumar, R. and Goyal, R., (2019). On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. Computer Science Review, [online] 33, pp.1-48.
  15. Lee, H. and Tao, Y., (2016). Bridging Cloud Security and Data Protection, using MTCS and ISO27018. [online]
  16. Lee, H. and Tao, Y., 2017. MTCS for Healthcare. 2017 International Conference on Cloud Computing Research and Innovation (ICCCRI), [online]
  17. Mell, P. and Grance, T., (2011). 1[online] National Institute of Standards and Technology.
  18. Omoyiola, B., (2020). Strategies for Securing Cloud Services. [online]
  19. Poyraz, O., Canan, M., McShane, M., Pinto, C. and Cotter, T., (2020). Cyber assets at risk: monetary impact of U.S. personally identifiable information mega data breaches. The Geneva Papers on Risk and Insurance - Issues and Practice, [online] 45(4), pp.616-638.
  20. Song, H., (2020). Testing and Evaluation System for Cloud Computing Information Security Products. [online]
  21. Subramanian, N. and Jeyaraj, A., (2018). Recent security challenges in cloud computing. Computers & Electrical Engineering, [online] 71, pp.28-42.
  22. Synopsys, (2019). Synopsys Cloud Security Report 2019. [online]

Keywords

Public Cloud, financial data, PII, cloud security, financial institutions, cloud security best practices, data privacy, data security.