Security and compliance as a service for Fintech

Ruchin Kumar, Vice President, South Asia, Futurex

Security as a service emerged from the recent trend of service-oriented architecture. With service-oriented architecture, companies can develop innovative products and services using a cloud provider’s infrastructure for back-end processing. To know more about cloud-based security in the Fintech Space, Srajan Agarwal of Elets News Network (ENN) talked with Ruchin Kumar, Vice President, South Asia, Futurex.

What are general security and compliance challenges for Fintech?

Fintechs often need HSMs to secure keys and process transactions. As such, key management solutions are needed to fulfill PKI use cases, while encryption solutions are needed to protect payment data. Deploying on-premises HSMs can pose a logistical and financial challenge for smaller and medium-sized businesses. As such, many Fintechs are starting to look for cloud solutions to meet their needs in a holistic yet cost-effective way.

Present and evolving scenario in data security

South Asia is quickly becoming the world’s Fintech capital, with thousands of new organisations offering services on both a local and a global scale. This further drives the demand for thorough encryption solutions that meet India’s national compliance requirements. While also observing international standards PCI, India has developed robust compliance requirements that require data to be processed and stored within national boundaries. This in turn has created the demand for locally based HSM and cloud solutions.

How can the best return on investment be achieved? The total cost of ownership is optimised.

An IT security solution should meet an organisation’s current security goals, but more importantly, it should scale to meet future business needs. If an organisation is to grow, its data security platform must scale to fulfill new use cases and easily overcome future challenges. This minimises the cost of upgrades, the effort to integrate new solutions, and the challenge of managing it all.

Migrating payment HSMs to the cloud presents a reliable and expedient means of reducing an organisation’s TCO. On one hand, migrating an entire infrastructure to the cloud consolidates it into a centralised platform. This allows you to manage operations from a single pane of glass, and avoid the integration pain points that come with multi-vendor or legacy infrastructure. In addition to streamlined management, cloud HSM solutions allow an organisation to use the same use cases as physical HSMs but without the cost of maintaining on-premises infrastructure.

How challenging is it to implement and run security infrastructure (like HSMs & keys) in compliance with PCI and local regulations?

For organisations in the payments sector, compliance is paramount. Fortunately, the right HSM provider can make it an afterthought. HSM providers like Futurex design their encryption hardware – including its cloud-based counterpart – with inherent compliance with international standards like PCI.

In short, deploying an HSM or key management tool with the physical and logical security controls of Futurex ensures compliance. On the other hand, the data residency requirements of institutions like NPCI require organisations to store certain types of data only within their nation of origin. However, forward-thinking providers like Futurex have established data centers in every major geographic region to help organisations comply with data residency requirements with ease.

How much time does it take to migrate to cloud-based security and where is the cloud DC located?

The cloud migration process is highly streamlined and can be accomplished at whichever pace an organisation is willing to move. Organisations that wish to develop their product or service simultaneously to migrating to the cloud can set a pace that best suits their project timelines. Futurex provides subject matter experts available on-site and remotely to expedite the process. Finally, with data centers in Mumbai and Hyderabad, as well as over a dozen strategic locations worldwide, organisations are never far away from their sensitive data.

What is on stake for Fintech in case of data breach or fraud?

While technological security has certainly evolved over the past few years, so too has the sophistication and frequency of data breaches. Whether you represent a national bank or a Fintech startup, the cost of a data breach can range from a significant impediment to a total catastrophe. This is because organisations do not only suffer financial repercussions from fraud or a data breach. Securing data is all about maintaining trust. When security is compromised, so too is trust in an organisation.

What problems does security as a service solve?

Security as a service emerged from the recent trend of service-oriented architecture. With service-oriented architecture, companies can develop innovative products and services using a cloud provider’s infrastructure for back-end processing. Security as a service solves the problem of deploying data security infrastructure for organisations that aren’t financially or operationally equipped to do so. It serves to foster innovation and speed up deployment in a cost-effective manner.

Important points to be considered by Fintech in the selection of services.

The most important consideration for a Fintech wishing to deploy cryptographic infrastructure is to find an excellent provider. But what makes a provider excellent? We at Futurex would respectfully offer ourselves as an example.

Over 40 years, we’ve earned the trust of 15,000 clients worldwide with data security solutions that comply with a wide variety of security standards, that are easy to integrate with existing systems and public cloud providers, and that feature the industry’s most versatile suite of encryption solutions. Just as importantly, Futurex places special emphasis on customer service.

Our staff of certified solutions architects are available 24/7/365 to help our customers remain successful in their endeavor to secure highly sensitive data.

Futurex local presence and experience working with Fintech

Futurex specialises in crafting solutions for Fintech clients. With a strong local data center presence in South Asia, and around the world at large, and with hardware that complies with the strictest requirements, organisations are well advised to place their trust in Futurex’s industry-leading cryptographic services.

How is Futurex helping Fintech in South Asia and beyond?

By delivering scalable, highly available cloud solutions rooted in local data centers, Futurex aims to provide Fintechs with the tools they need to drive innovation within the South Asia market and beyond.

"Exciting news! Elets Banking & Finance Post is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest insights!" Click here!

Elets The Banking and Finance Post Magazine has carved out a niche for itself in the crowded market with exclusive & unique content. Get in-depth insights on trend-setting innovations & transformation in the BFSI sector. Best offers for Print + Digital issues! Subscribe here➔

Get a chance to meet the Who's who of the Banking & Finance industry. Join Us for Upcoming Events and explore business opportunities. Like us on Facebook, connect with us on LinkedIn and follow us on Twitter, Instagram & Pinterest.