Story image

Singapore cloud providers given more risk management freedom

12 Jul 16

Singapore's cloud guidelines are getting a shakeup to bring them into line with the Monetary Authority of Singapore (MAS) guidelines and expectations, which will support safeguarding customer information.

Singapore Trade and Industry Minister Lim Hng Kiang announced the changes at a meeting at the end of last month. The guidelines will identify and improve risk management surrounding cloud services, particularly to banks and service providers to safeguard customer information, ensuring practices are conducted as if they are in-house.

"MAS recognises cloud services can offer various benefits such as scalability and advanced functionalities, and is amenable to banks leveraging on cloud services to fulfil their business and operational needs. MAS expects banks to ensure that their risk management measures are commensurate with the nature, scope and complexity of the cloud deployment models that they adopt," says Kiang.

The new guidelines will allow MAS to monitor outsourced risk management frameworks, instead of using case-by-case approval for organisations who want to outsource operations. Organisations will now be entirely responsible for their own risk management procedures.

"there will be a greater emphasis on safeguarding customer information. MAS views seriously the responsibility of banks to safeguard the integrity and security of customer information held by the bank and its service providers. To enhance the protection of critical customer information, outsourcing arrangements involving certain customer information will be subject to a higher standard of care," Kiang says.

Kiang believes that banks must regularly test their contingency plans, particularly in a complex risk environment. He concluded the meeting by commending the industry on its commitment to risk management through technology, systems and people.

Singapore's Infocomm Development Authority has developed the Cloud Outage Incident Response guidelines for providers who experience outages.

The Information Technology Standard Committee developed the Multi-Tier Cloud Security (MTCS) standard allows cloud providers to certify their security operations.

Data centre cybersecurity actions that most people overlook
Schneider’s Steven Carlini discusses ways to improve data centre cybersecurity that most people don’t think of until it’s too late.
Alibaba Cloud showcases commitment to Hong Kong
The company’s service capability in Hong Kong has doubled since it established its first data centre in the city in 2014.
5 tips to reduce data centre transceiver costs
Keysight Technologies' Nicole Faubert shares her advice on how organisations can significantly reduce test time and cost of next-generation transceivers.
The new world of edge data centre management
Schneider Electric’s Kim Povlsen debates whether the data centre as we know it today will soon cease to exist.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
SUSE partners with Intel and SAP to accelerate IT transformation
SUSE announced support for Intel Optane DC persistent memory with SAP HANA.
Inspur uses L11 rack level integration to deploy 10,000 nodes in 8 hours
Inspur recently delivered a shipment of rack scale servers of more than 10,000 nodes to the Baidu Beijing Shunyi data center within 8 hours.
How HCI helps enterprises stay on top of data regulations
Increasing data protection requirements will supposedly drive the demand for Hyper-Converged Infrastructure solutions across the globe.