Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Kris Sharma
on 13 December 2022

Open source in financial services – start with a strong foundation


Financial Institutions (FIs) need to respond with agility and business velocity to keep pace with changing economic conditions. Yet, emerging competition from fintechs and challenger banks and increasing customer expectations is making this task difficult, especially as regulatory and compliance requirements increase. Embracing the next phase of digital transformation is an imperative for financial institutions to sustain and grow in a competitive environment of rising cost pressures. To meet these challenges, many FIs are adopting open-source software.

Why is the financial services industry choosing open source?

According to the findings of the Linux Foundation and FINOS’ State of Open Source in Financial Services report,  81% agreed or strongly agreed that “Innovation” was one of the main reasons their company participates in open source followed closely by “Time to Market” and “Total Cost of Ownership,” with over 80% identifying it as a reason. 

Open source delivers strategic advantages to financial institutions that are developing and driving digital transformation initiatives. The ability to easily incorporate commercial-grade open source software building blocks in their technology landscape allows them to build a strong digital foundation. Financial institutions can leverage open source architecture and tools to optimise IT costs while increasing interoperability among various digital initiatives. 

Still, managing open-source software and all of its dependencies securely can be challenging.

The need for secure open source

According to Synopsis’ 2022 open source security and risk analysis report, ”97% of codebases scanned contained open-source components and 81% contained at least one known open source vulnerability”. It is crucial that enterprises realise that open source itself does not create business risk, but its mismanagement does. This became evident after the Log4j incident. The discovery of the Log4j vulnerability, known as Log4Shell, brings to the fore the need for organisations to use secure open source software that is security patched, well maintained and has enterprise support.  

A resilient digital infrastructure should provide financial institutions flexibility, portability, interoperability, and the control needed to consistently deploy and manage enterprise applications and workloads. The foundation of a future proof digital infrastructure that leverages open-source technologies is built on enterprise Linux.

Choosing the right enterprise Linux distribution – get the freedom to innovate

The right operating system (OS) gives financial institutions the ability to deploy and run applications anywhere — physical, virtual, private, and public clouds — and delivers a consistent foundation to support a financial institution’s digital transformation needs. When it comes to evaluating a platform that can handle workloads across various infrastructure stacks, from bare metal servers to virtual machines and containers on private and public clouds, financial institutions look for a security-oriented operating system that provides the following:

  • Enterprise-grade security
  • Long-term stability with a predictable release cadence
  • Compliance and hardening features
  • Support that’s available when needed

Why do enterprises prefer Ubuntu?

Ubuntu is one of the leading enterprise Linux distributions both in the public clouds and in the private clouds. It is also one of the most secure end user operating systems according to UK Government Communications Headquarters (GCHQ). A long term support (LTS) version of Ubuntu is released every two years, and all LTS releases benefit from five years of free security maintenance (which can be extended to ten years). To keep Ubuntu users secure, the Ubuntu Security Team applies thousands of security patches.

Ubuntu Pro expands Ubuntu’s ten year security coverage to include additional thousands of packages beyond the main operating system giving financial institutions access to various tools for compliance management and hardening, including FIPS 140-2 certified cryptographic packages.

Open source software and programming languages are widely used within financial services. For example, Python is an open source object-oriented programming language. It is one of the most popular programming languages in financial services that is used in a broad range of applications – from building analytical tools that process massive financial data sets to building banking software. Python is also used to create and maintain a large number of payment gateways and to build algorithmic trading tools. 

Given the extensive use of open source software packages and open source programming languages to build financial services applications and toolchains, security coverage for these software packages is crucial. 

Ubuntu Pro expands security coverage for critical, high and medium Common Vulnerabilities and Exposures (CVEs) to thousands of applications and toolchains, including Ansible, Apache Tomcat, Apache Zookeeper, Docker, Drupal, Nagios, Node.js, phpMyAdmin, Puppet, PowerDNS, Python 2, Redis, Rust, WordPress, and more.  It is available for every Ubuntu LTS starting with 16.04 LTS.

Want to learn more about secure open source for financial services? Read our white paper!

Wrapping up

Security cannot be an add-on, it is central to IT and business strategy for financial institutions. For close to two decades, Canonical has been committed to the open development model as the path to more stable, secure and innovative open source technologies.

At every stage of a financial institution’s digital transformation journey, building applications on Ubuntu Pro is a strategic decision that delivers a stable and secure platform for digital transformation requirements. 

Wish to know more on how Canonical is helping financial institutions to modernise their IT infrastructure and focus on innovation? Check out our webpage.

Tap into new possibilities with secure open source

Get in touch

Photo by FLY:D on Unsplash

Related posts


Lech Sandecki
23 October 2024

6 facts for CentOS users who are holding on

Cloud and server Article

Considering migrating to Ubuntu from other Linux platforms, such as CentOS? Find six useful facts to get started! ...


Kris Sharma
17 October 2024

Why is Ubuntu Linux the leading choice to replace CentOS for financial services?

Financial Services Article

Financial services are powered by technology. The customer experience is increasingly driven by data, with tailoring of products and services to reflect individual behaviors and preferences. All of this rests on a foundation of secure, stable technology that can support agility and flexibility to adapt to customer needs, whilst at the sam ...


Matthew de Klerk
12 December 2024

What is vulnerability management?

Security Article

Vulnerability management is the holistic process of identifying and handling security risks in an organization’s networks, systems and devices. Vulnerability management serves an overarching strategy that describes and outlines the many individual efforts and steps taken to reduce cyber incident risk to acceptable levels and improve overa ...