Technology Record - Issue 24: Spring 2022

93 F I NANC I A L S E R V I C E S strong governance, can deliver appropriate oversight and also provides the mechanisms to tackle cyber threats.” Microsoft and its partner community are perfectly positioned to help financial services firms in this regard. In fact, Microsoft has put security and regulatory compliance at the foundation of its cloud services, spending over $1 billion each year on cybersecurity. “We understand that to maximise the effectiveness of security organisations, tools must be fully integrated to improve efficacy and provide end-to-end visibility,” says Borden. Microsoft Cloud for Financial Services provides several compliance and cybersecurity capabilities through built-in tools, account protection and programmes. Built-in tools include Azure Sentinel, which supports versatile options including both hybrid and multi-cloud implementations for financial services with integrated security, identity and compliance. This allows simplified management for both virtual machines and containerised environments in both hybrid and multi-cloud environments. Meanwhile, the solution’s Account Protection feature helps banks protect their customers’ online accounts against bot attacks, fake account creation, account takeover, and fraudulent account access. The Compliance Manager feature helps organisations manage compliance requirements with greater ease and convenience as compliance requirements continue to expand, and most organisations are facing challenges when it comes to keeping up with increasing requirements and higher levels of scrutiny from financial services regulators. And all this is supported by the Compliance Program for Microsoft Cloud: a dedicated team of Microsoft experts that is on hand to support an organisation’s internal and external risk, audit and compliance teams in addressing financial services regulatory compliance. It’s these features which Borden believes makes the security and compliance solutions from Microsoft and its partners unique. “Our solutions are cloud-native and designed with security in mind from the foundation up, allowing us a wider set of controls to limit the surface areas of risk versus traditional internal bank platforms,” he says. “This allows us to conduct zero standing access – where no Microsoft personnel have access to customer data without additional approvals, which can be difficult “ Persistent, evolving attacks are reminders that we must act decisively on all fronts in new ways”