IT Failure?
Or third party attack?
The UK banking sector was hit by IT outages on a daily basis in the last nine months of 2018, with 302 reported TITSUPs according to consumer group Which?. Financial institutions have been required to report major operational or security incidents to the sectoral watchdog since April 2018, and Which? used this data to assess …
It was just "the cloud" ... face it, the main function of cloud computing is to generate income to the "cloud providers" reliability is just a competitive feature that aids sales. If you move to the cloud then you're moving all support and reliability to the cloud ... and we all know what clouds do, don't we?
"It was just "the cloud" "
Care to explain further? I'm not aware of any of the major banks where failures were broken out using "the cloud" as most IT people would describe it (i.e. using shared platforms managed by a third party with minimal control over the hardware or who can share the resources).
Unless you're referring to customers accessing in-house or third-party dedicated data centers contracted by banks over the Internet?
Or third party attack?
Trust me, all of the banks on that list have technology management and a great many staffers so thoroughly incompetent that they would require no outside assitance for such fuckups. Mines no different.
Banks do technology bigger, not better, because they have the same afflictions as the rest of the world - too many MBAs, far too many technology managers that don't understand technology, and no realisation whatsoever that in terms of having a future, they must be a technology company first and a bank second.
They also have a problem which many technology companies don't have: legacy. Systems whose direct ancestry (not the hardware, but the platform) dates back to the 1970s are common, and those systems must work. Compare that, say, to Google, who might have platforms dating back to 2000 or so, and for almost all of whose systems occasional failure is fine (who even knows if a search returns the 'wrong' result, or if gmail is offline for a few people for a little while?). And Google are also completely happy to just burn their users if they decide something is boring & have done so repeatedly: a bank can't just turn off the system that supports some saving account they once offered, perhaps for a generation after they closed it to new accounts.
Banking is actually a hard IT problem. The banks are not doing a great job of solving it, but that doesn't make it easy to solve.
Hastened along by the banks absconding with our money & not letting us have any of it? I think I like the mattress idea, at least that way I can get to my money. Ok, so I won't have an ATM card to swipe everywhere, but then neither will I be beholden to some idiot financial institution that thinks "account security" is an evil to be avoided at all costs. (Gives TheFinger to my old bank that had their picture taken to go beside the definition of "cockwomble" in the dictionary.)
I meant situations like the bank going TITSUP, their ATM's crashing, or any other situation where the bank is technicly unable to give you money.
If the bank "just doesn't feel like it" then that's when I'll drive my car through the front windows, plow through the lobby, & park it on the chest of the cockwomble that refused to give me my money. Sure I could just call the police & let the law take care of it, but where's the fun in that? =-)p
Well, banks do a huge amount of work to make sure that doesn't happen very often. Sometimes it does, but it's actually pretty rare, despite this article: not very many of these serious incidents will have involved ATMs being down or inability to handle transactions (some will, just not very many). It seems less rare than it is for the same reason people being eaten by sharks seems less rare than it is: every time it happens it's in the news (an average of a little over 7 people were killed by sharks per year over the last 60 years).
If your bank is absconding with your money and not letting you have it then you should probably be taking legal advice.
It's actually not without precedent. IceSave (remember them) did the same trick when they were going bust - froze out UK and other international customers to preserve enough cash for the Icelandic customers to draw out theirs.
A cashless society works until you realise it prevents any realistic run on the banking system without a massive gold spike also accompanying it. The problem with that is the bid/offer spread on retail level physical gold (sovs, krugs etc).
Well, either you entered into whatever arrangement it was knowing that this could happen (or you just did not read the fine print) or they have broken their contract with you / the law in which case you have recourse. Since you state you have no recourse I must assume the former.
Interesting data, but I don't find these raw figures very helpful on their own. As the correspondent noted, there's no mention of the duration of the incident. Also, I don't get any sense of the severity of the impact as there's no detail about which bank functions were affected. Some of the things that banks do are more critical or time-sensitive than others.
As an example, the inability to process outgoing debit card payments for even a couple of minutes could be extremely inconvenient (not to mention embarrassing) for the customer. By contrast, if the system that handles my outgoing standing orders is down for (say) 20 hours but eventually manages to send out a payment slightly late on the same day it was already scheduled to be paid then I probably won't even notice that. The first outage is a real nuisance, the second far less so - although still serious from the bank's perspective, of course.
I was curious as to what "major incident" means so I went digging... The relevant regulation appears to be http://www.legislation.gov.uk/uksi/2017/752/regulation/99/made - it doesn't classify incidents, although regulation 98 says "... the payment service provider must establish and maintain effective incident management procedures, including for the detection and classification of major operational and security incidents". I interpret this to mean that each payment provider can have its own definition of "major incident". In which case comparing the numbers between different banks won't necessarily yield an apples-to-apples comparison. A more honest bank (if such a thing exists!) would look worse than its competitors, so without strong oversight of the criteria used, the likely effect of this kind of publicity is a race to the bottom to define "major incident" as narrowly as possible, thereby defeating the purpose of the regulations in highlighting such problems.
It's a pity because in principle I welcome greater transparency in this area, just not sure it will work as intended.
Also, TSB was one very major incident which lasted about 3 months, whereas Barclays sometimes goes down at the end of the month when most employers are paying their salaries and therefore it has the highest volume of transactions, and tends to be back up the following day.
It's OK, Barclays have a cunning plan to fix the load problem by reducing the number of people being paid at the end of every month.
"Also, TSB was one very major incident which lasted about 3 months"
According to the BBC earlier today (https://www.bbc.co.uk/programmes/m0002z8l), TSB have now addressed issues for 97% of the 200,000 affected users.
So just another 6000 peoples accounts to go...
Getting an organisation to be consistent within its own four walls on what constitutes a major incident is difficult enough, never mind having consistency across an industry.
In some places, if you do your job right by documenting SLAs carefully and therefore report more incidents as major, and you create a rod for your own back because you create the impression there's something inherently wrong within your organisation (and there probably is).
I don't think you can read too much into the number of incidents reported. Knowing what banks are like, it could be only some of them are playing ball, and even then only their particular variant of ball game.
Similarly Lloyds and Halifax/Bank of Scotland share the same Lloyds platform but have reported separately, perhaps because they have separate banking licenses. Not sure I agree with this as it depends on how segregated things are on the platform in question. Is it a platform problem that only affects selected brands/licenses using that platform or does it affect all brands/licenses using that platform.
Is it just UK banking that's this bad, or is it a problem on this scale elsewhere too?
And if it's better elsewhere, what can Johnny Foreigner learn from the UK?
(Obviously there's no possibility that England's Masters of the Universe (Retail Banking subdivision) could learn from anyone elsewhere).
Same here. The ticket was been open for more than 5 years now. ( originally created to test the new ticket system). We leave it open and omit it from the SLA reports. We assign it in the second week, whenever a new person starts.
The range of reactions has been amazing, from WTF! to chicken little
So an apples vs pears comparison then?!?
Didn't data analysts understand the concept of Risk Priority Numbers? In this case, the product of Severity, Frequency and Duration scores.
Or is the objective to draw a conclusion not supported by the data?
Major systems are breaking everywhere every day.
No, this is NOT normal. That anyone would think this is acceptable and normal shows how bad it has become. It also points to a serious coming catastrophic event in the near future.
Systematic failures are not a sign of normal operations. Ever.
Who ever would have thought that replacing loyal, well paid career IT staff with decades of experience and deep understanding of their systems with whoever can be had globally at the lowest cost with no job security would end in tears? I'm not complaining having left a long time ago with big redundancy pay-off and good final salary pension.
It’s cheaper, cuts out the cost of payroll and is government backed. Works out of hours when required as opposed to your paid-time and weekends.
I believe they have a plan to outsource cash machines to localised third parties as there appears to be about a 50% decline in availability. #madraspoints