Story image

Singapore cloud providers given more risk management freedom

12 Jul 2016

Singapore's cloud guidelines are getting a shakeup to bring them into line with the Monetary Authority of Singapore (MAS) guidelines and expectations, which will support safeguarding customer information.

Singapore Trade and Industry Minister Lim Hng Kiang announced the changes at a meeting at the end of last month. The guidelines will identify and improve risk management surrounding cloud services, particularly to banks and service providers to safeguard customer information, ensuring practices are conducted as if they are in-house. "MAS recognises cloud services can offer various benefits such as scalability and advanced functionalities, and is amenable to banks leveraging on cloud services to fulfil their business and operational needs. MAS expects banks to ensure that their risk management measures are commensurate with the nature, scope and complexity of the cloud deployment models that they adopt," says Kiang.

The new guidelines will allow MAS to monitor outsourced risk management frameworks, instead of using case-by-case approval for organisations who want to outsource operations. Organisations will now be entirely responsible for their own risk management procedures.

"there will be a greater emphasis on safeguarding customer information. MAS views seriously the responsibility of banks to safeguard the integrity and security of customer information held by the bank and its service providers. To enhance the protection of critical customer information, outsourcing arrangements involving certain customer information will be subject to a higher standard of care," Kiang says.

Kiang believes that banks must regularly test their contingency plans, particularly in a complex risk environment. He concluded the meeting by commending the industry on its commitment to risk management through technology, systems and people.

Singapore's Infocomm Development Authority has developed the Cloud Outage Incident Response guidelines for providers who experience outages.

The Information Technology Standard Committee developed the Multi-Tier Cloud Security (MTCS) standard allows cloud providers to certify their security operations.

Aerohive achieves ISO/IEC 27001 cloud platform certification
Aerohive is the first cloud-managed networking vendor recognized by a global standard for commitment to information security management systems.
Is Google’s Stadia feasible with today’s data centres?
To get a better idea of the sheer audacity behind Google’s latest move, we spoke to Unitas Global chief technical officer Grant Kirkwood.
Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
VMware allures APJ channel veteran to take the reins
Balasingam will take on the role of vice president for VMware’s partner business in Asia Pacific and Japan (APJ).
Security top priority for Filipinos when choosing a bank - Unisys
Filipinos have greatest appetite in Asia Pacific to use biometrics to access banking services
Opinion: Modular data centers mitigate colocation construction risks
Schneider's Matthew Tavares believes modular data centers are key for colocation providers seeking a competitive advantage with rapid deployment.
Alibaba Cloud opening up data centres & services for AU businesses
At its dedicated China Gateway Summit held in Sydney, Alibaba Cloud announced its new programme for Australian business partners and clients.