Wells Fargo Cloud Patent Could Fight Data Security Risks
Wells Fargo’s recent patent wants to make sure you can trust the cloud.

Sign up to uncover the latest in emerging technology.
Wells Fargo wants to make sure you can trust the cloud.
The financial institution filed a patent application for a “cloud residual risk assessment tool.” Its filing describes a way to identify potential “residual risks” that a cloud environment may pose when migrating and hosting sensitive assets, such as certain data or software.
Residual risk refers to any additional hazards that may occur after “risk management or control activities are accounted for,” Wells Fargo noted.
“Corporations have a need for determining risks of the third-party host environment to guarantee that risks that may be harmful to assets of the current hosting environment are mitigated,” Wells Fargo said in the filing.
Wells Fargo’s tech evaluates the potential hazards of both the data storage methods a company is using and the future cloud environment by collecting information relating to “quantitative and qualitative” risk factors.
The filing lists a number of factors that the tech considers, including policy information, unresolved issues, the sensitivity of the data it’s migrating, and even the capabilities of the cloud services organization itself (e.g., the IT specialists involved in operations). All of that information is then used to calculate the residual risk scores of both the current host and the future host.
This tech could help Wells Fargo and other organizations decide if it’s worth the risk to switch to a certain cloud provider.
There are a few places where risks could emerge in cloud services and data storage, said Trevor Morgan, senior vice president of operations at OpenDrives. Though cloud providers generally have strong security measures, it’s common that security holes get forgotten by the cloud tenants themselves. And even if those problems start small, they can grow riskier over time as more data is stored or more changes occur in the cloud environment, said Morgan.
“The changing environment within the cloud means that things that you thought were secure may become less secure [over time],” said Morgan. “When you look at a lot of the breaches over the last three to five years that occur in the cloud, it has to do with things that were forgotten.”
And given the sheer amount of data that financial firms like Wells Fargo handles regularly, tech like this has a clear use case for the company. Data leaks in this industry can be dangerous and costly, both for the companies involved and the users themselves. As bad actors continue to build taller ladders, cybersecurity walls need to grow to match them, Morgan said.
“It makes sense with where the fintechs and the financial industry are going in general,” said Morgan. “All of their operations depend upon reducing risk.”
This tech could allow the firm to “repatriate certain types of data” for safety, using machine learning instead of human workers to cost-effectively do the heavy lifting, said Morgan. “These financial firms, they’re all becoming technology companies to control their own environments and therefore try to reduce their risk profile.”