Thursday, July 30, 2015
Considering the growing frequency of data breaches and denial of service attacks aimed at large corporations and federal agencies over the past year, it's not surprising that IT decision-makers for financial firms are more concerned with cyber security than ever before.
In fact, recent analysis performed by consulting firm Accenture revealed that 90 percent of 450 financial firms surveyed are planning to update their current risk management strategies by allocating greater resources for network security. Additionally, 65 percent of respondents noted that they expect cyber security precautions to grow even more relevant over the next two years.
With data centers full of valuable customer information like account data and social security numbers, financial institutions will always be a target for unauthorized access. Thankfully, there are a few steps that any firm can take in order to make their facilities more resilient to both physical and digital attacks. Considering IT managers are likely to take the blame if thing go awry, deploying these tips sooner than later might be a smart move.
Recognize applicable vulnerabilities in the system
The first move that IT staff at financial firms can make to improve network security is to take cyber threats more seriously. It may seem silly to rank awareness among initial steps for IT to consider when improving their cyber security strategies. However, underestimated security threats have been the downfall of many an IT team.
"Barriers to cyber readiness often come from up in the chain of command."
It's also important to note that barriers to cyber readiness often come from up the chain of command. While decision-makers are expressing greater concern toward cyber threats this year, this has not been the case historically. In fact, it's more common than not for financial institutions to not take additional actions with regard to cyber defenses until after a nasty incident has already occured.
As a result, IT teams are left in a precarious position, well aware of threats lurking around the corner of the Internet without the resources to properly secure the network. In cases like these, it's imperative that IT experts do everything they can to communicate the reality of cyber security threats to their supervisors, even if it means taking them out to lunch. With luck, the latest string of major breaches will help make these pleas more persuasive. If not, at least IT managers can say they did their best during their next job interview.
Increase scrutiny of third-party vendors
Another low-hanging fruit that IT teams can reach for in terms of improving network security is a reassessment of company policy regarding third-party vendors. After all, a company's data is only secure as its weakest access point, and in many cases that vulnerability resides with a storage provider or outside service with questionable remote authorization.
Unfortunately, the problem is more rampant than one might expect. According to a report recently released by the New York State Department of Financial services, less than half of banks surveyed bother to physically inspect the facilities of their third-party vendors. Only about two-thirds require their vendors to communicate when systems are compromised by a cyber breache. Some banks do not even ask their vendors to submit full security credentials.
Dark Reading recommended that IT teams put extra emphasis on getting to know their third parties, becoming more familiar with their capabilities and their risk factors, and assessing third-party facilities in person. Anything less could put a network - and the IT manager's paycheck - in immediate danger.
Banks must prioritize network security in order to protect consumer data.
Introduce remote management tools to increase control
IT teams can increase the security of their network by making adjustments to on-site infrastructure as well. For example, a secure console server could be used to link devices connected via Ethernet switches and better track data transmissions across the entire network. This improved visibility puts IT teams in a better position to manage operations, even after-hours or from an off-site location. In addition, the encryption built into the console server put another layer of security between a company's data and the prying eyes of nosy hacker.
Perle's wide range of 1 to 48 port Perle Console Servers provide data center managers and network administrators with secure remote management of any device with a serial console port. Plus, they are the only truly fault tolerant Console Servers on the market with the advanced security functionality needed to easily perform secure remote data center management and out-of-band management of IT assets from anywhere in the world.