The Russian invasion of Ukraine has brought significant changes to the political and economic landscape, including digital services such as fintech. The ongoing warfare has caused massive devastation, including the physical destruction of data centers. As a result, Ukrainian banks and other financial service providers are increasingly moving their data to the cloud. However, the move is not without its challenges, particularly regarding compliance with data protection laws and regulations.
Impact of martial law on data security
One of the main concerns is the impact of Martial Law on data security. The Russian invasion has highlighted the need for a more proactive approach to security, given the uncertainty around whether other states could invade other countries. Cloud computing services may soon become the norm in the fintech sector, but current legislation in Europe and the US has strict regulations on which data can or cannot be stored in the cloud.
Ukrainian legislation was also affected by the conflict. Before the invasion, the Ukrainian government and private businesses were legally required to store their data on Ukrainian systems. However, a week before the Russian army entered Ukraine, the National Bank of Ukraine and the Law on Cloud Technologies enabled the government and private businesses to move their data to the cloud. The resolution also confirmed that Ukrainian banks could handle and preserve clients’ personal data and other private information, such as financial transaction data, in compliance with local or host-nation legislation for cloud service infrastructure. This might be any European Union or European Community nation, as well as the United Kingdom, the United States, or Canada.
Compliance and security standards
Moving data to the cloud offers several benefits, such as cost-effectiveness, a transition to digital, data backup and restoration, and lower risks of legacy infrastructure. Additionally, there are industry standards and control frameworks for cloud information security that may apply to companies in the US and Europe, including ISO 27001, the Payment Card Industry Data Security Standard (PCI DSS), FedRAMP, the Sarbanes-Oxley Act of 2002 (SOX), and the Cybersecurity Framework from the National Institute of Standards and Technology (NIST).
The EU Cloud Code of Conduct, which is part of the General Data Protection Regulation (GDPR), was released on May 20, 2021, and provides clear criteria for cloud service providers. Compliance with the GDPR can be achieved by the cloud service providers under the supervision of an accredited monitoring body. There are three levels of code compliance for cloud service providers, and applicants must show full compliance with the code through third-party certificates and audits for the highest level.
Stricter rules may improve long-term security and consumer confidence, as seen with GDPR, which has successfully kept customers’ personal information safe. A more proactive approach to security, including the use of cloud computing services, can enhance data security in the fintech sector.
Successful cloud migration examples
Migrating data to the cloud is becoming increasingly important for businesses, especially in times of crisis. Several Ukrainian banks have successfully moved their IT infrastructure from on-premises data centers to the cloud, in order to minimise the risk of hardware being destroyed during emergencies. For example, PrivatBank, one of the largest banks in Ukraine, migrated its core applications to the cloud in just 45 days, which included moving over 4 petabytes of customer data and more than 270 mission-critical apps. Similarly, Monobank is in the process of moving some of its processing power to Amazon’s cloud services, to avoid interruptions in customer service during emergencies.
The Ukrainian government has also migrated data from various organisations to the cloud, including the property register, the financial system, 27 Ukrainian ministries, 18 universities, and private firms. Information is now being sent from Ukraine to 61 countries, demonstrating the potential benefits of cloud migration for global operations.
Dozens, a UK-based financial institution that my company helped to launch, also migrated to the cloud to improve the performance, reliability, and recovery options of its in-house infrastructure. After a thorough review of options, the company decided to fully migrate to an AWS solution capable of handling its intensive usage. Additionally, Dozens’ business analysis team ensured compliance with British and European laws.
Challenges during cloud migration
Building the right team for successful cloud migration. To successfully migrate to the cloud, businesses need to assemble and train the right team, including IT specialists, network administrators, penetration testers, and cybersecurity engineers.
Choosing the right provider. It’s also important to research top trusted cloud providers and choose the right service model, such as Business Process as a Service (BPaaS), Software as a Service (SaaS), Platform-as-a-Service (PaaS), or Infrastructure as a Service (IaaS).
Ensuring security and compliance during cloud migration. However, businesses may encounter challenges during the migration, such as understanding shared responsibility for cloud security, carefully reviewing contract and service-level agreements, complying with regulations, and implementing appropriate cybersecurity and encryption technologies. Overall, cloud migration can offer a more cost-effective and efficient solution for businesses, especially those with global operations.
The recent Russian invasion of Ukraine has provided valuable lessons, and while cloud migration is not the main focus, it remains a useful topic regardless of one’s feelings towards Ukraine or Russia. For digital businesses with international operations, cloud migration is essential and will continue to be so.
The main reason for this migration effort is to ensure data security, but the success of this endeavor will depend on how the data is utilised to benefit people. By transferring information from on-premise storage to the cloud, businesses can not only benefit themselves, but also their customers.