Story image

Singapore cloud providers given more risk management freedom

12 Jul 16

Singapore's cloud guidelines are getting a shakeup to bring them into line with the Monetary Authority of Singapore (MAS) guidelines and expectations, which will support safeguarding customer information.

Singapore Trade and Industry Minister Lim Hng Kiang announced the changes at a meeting at the end of last month. The guidelines will identify and improve risk management surrounding cloud services, particularly to banks and service providers to safeguard customer information, ensuring practices are conducted as if they are in-house.

"MAS recognises cloud services can offer various benefits such as scalability and advanced functionalities, and is amenable to banks leveraging on cloud services to fulfil their business and operational needs. MAS expects banks to ensure that their risk management measures are commensurate with the nature, scope and complexity of the cloud deployment models that they adopt," says Kiang.

The new guidelines will allow MAS to monitor outsourced risk management frameworks, instead of using case-by-case approval for organisations who want to outsource operations. Organisations will now be entirely responsible for their own risk management procedures.

"there will be a greater emphasis on safeguarding customer information. MAS views seriously the responsibility of banks to safeguard the integrity and security of customer information held by the bank and its service providers. To enhance the protection of critical customer information, outsourcing arrangements involving certain customer information will be subject to a higher standard of care," Kiang says.

Kiang believes that banks must regularly test their contingency plans, particularly in a complex risk environment. He concluded the meeting by commending the industry on its commitment to risk management through technology, systems and people.

Singapore's Infocomm Development Authority has developed the Cloud Outage Incident Response guidelines for providers who experience outages.

The Information Technology Standard Committee developed the Multi-Tier Cloud Security (MTCS) standard allows cloud providers to certify their security operations.

A10’s app delivery solution now on Azure Marketplace
With the Harmony Controller, organisations can automate deployment and operations of application services.
Virtustream launches cloud automation and security capabilities
Virtustream Enterprise Cloud enhancements accelerate time-to-value for enterprises moving mission critical apps to the cloud.
Digital Realty nabs new executive appointment from Equinix
Keep your friends close and your enemies closer could be the game plan that Digital Realty is currently following.
CSPs ‘not capable enough’ to meet 5G demands of end-users
A new study from Gartner produced some startling findings, including the lack of readiness of communications service providers (CSPs).
Microsoft invests in more Azure availability for Asia
Asia is proving to be a hot spot among the major cloud providers with new investments happening on a seemingly weekly basis.
Korean Air to close on-premises data centre within 3 years
One of the world’s top ten airlines has declared its going all-in with cloud and shutting down its on-premises infrastructure - the first in APAC to do so.
Industry cloud market forecast for ‘unusual’ growth
The market for industry cloud solutions is in good stead with that growth showing little signs of slowing.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.