back Back

Hybrid working and the security challenge for financial organisations

Financial Services, firewalls, hybrid working, IT, network monitoring, Security, working from home

February 08, 2022

  • Financial Services
  • firewalls
  • hybrid working
Share

With hybrid working seemingly set to stay, can complete discovery of data and devices and ongoing monitoring of asset behaviours across highly dispersed financial service estates mitigate remote security concerns in the new hybrid working world?

by Andrew Gehrlein, Chief Financial Officer, Park Place Technologies

Across the conclusions of a recent McKinsey report on the future of the physical workplace it was clear that the majority of employees (52%) would prefer a continued hybrid model of working. McKinsey expanded the definition of hybrid workplaces to include the usage of flexible workspaces that are physically located outside existing company office locations to include home office workspaces alongside hub working and communal space works. How do banking infrastructure leads accommodate this ongoing transfer of working conditions, especially with the increased security parameters that the world of trading demands?

Andrew Gehrlein, Chief Financial Officer, Park Place Technologies
Andrew Gehrlein, Chief Financial Officer, Park Place Technologies

Since the initial rush to accommodate working from home mandates in March 2020, these IT infrastructure leads have now had the benefit of time and experience to consider, mitigate and control the security impacts that continued hybrid working poses in finance. Today, these leads are proactively focused on developing a clear, structured, and continued strategy for those organisations and employees who elect to work outside of company facilities in an environment where speed, security and increased regulatory pressures are paramount considerations in each financial exchange.

Hybrid staff continually need to access devices and exchange data above and beyond the usual elaborate security firewalls that these organisations typically embrace from within fixed corporate networks. Now, on a permanent basis, these IT leads must identify all possible ingress and egress points in their newly expanded dispersed network before holistically deploying enhanced next generation security and cyber services that give increased protection from hostile activities. This also includes systematic and ongoing understanding of endpoint usage, and endpoints themselves need to be capable of being restricted and isolated quickly, to avoid further contamination should a security breach occur.

Within a hybrid working strategy, organisations also need to develop a clear understanding of usage of cloud accounts, yet the nature of cloud service provision means that much of this is dynamic, and complex to track. Additionally, public network usage provides further challenges in settings such as communal spaces. Data transfer to a wireless printer inside a secure corporate facility poses relatively little risk yet place the same wireless printer within a hub space and the possibilities for hostile activities increase exponentially.

Equally in the home environment additional vulnerabilities exist. Routers can have exposed modem control interfaces; or staff using BYoD that may fall outside of patching windows; or the increase in domestic IoT exposure points, all of which need additional consideration. Faced with the level of challenges, it becomes quickly apparent that finance IT leads essentially need a real-time, always-on, centrally managed discovery and monitoring system of devices and data.

How can this be achieved? Pre-Covid, IT Asset and inventory device management was limited largely to a manual discovery and tracking that assisted with security and audit requirements. Faced with the complexity and threats outlined outside of corporate locations, today this discovery must be conducted as an ongoing service, in real-time, expanded across multiple remote locations for immediate discovery, automating and simplifying asset disclosure without manual IT inventory collection. In short, discovery needs to provide complete visibility into financial services’ data centres and cloud environments, and should include servers (physical, virtual and cloud), desktops, peripherals, edge devices, alongside the infrastructure services.

Discovery is the first step. Monitoring networks this complex is the second. Network monitoring tools have become increasingly specialised and siloed towards departmental usage, neglecting the holistic cross-departmental requirement that hybrid working needs. What’s required today is proactive and predictive generic monitoring across hardware and software that gives leads immediate and actionable insights to gain the greatest level of controls allowing identified new devices to be quickly added to the fold and protection. Only then, when IT leads understand what hybrid workers are using at any given point in time, can appropriate security solutions be confidently layered, safe in the knowledge that there are no gaps within defences.

Previous Article

February 03, 2022

Moving the data management ecosystem to the cloud: How financial services firms can navigate the challenge

Read More
Next Article

February 11, 2022

Global payments go green in the cloud

Read More

IBSi News

FinTech tweets

January 27, 2023

Financial Services

7 FinTech tweets you should see!

Read More

  • Daily insightful Financial Technology news analysis
  • Weekly snapshots of industry deals, events & insights
  • Weekly global FinTech case study
  • Chart of the Week curated by IBSi’s Research Team
  • Monthly issues of the iconic IBSi FinTech Journal
  • Exclusive invitation to a flagship IBSi on-ground event of your choice

IBSi FinTech Journal

  • Most trusted FinTech journal since 1991
  • Digital monthly issue
  • 60+ pages of research, analysis, interviews, opinions, and rankings
  • Global coverage
Subscribe Now

Other Related Blogs

December 19, 2022

Increasing demands on cybersecurity as finance evolves

Read More

April 06, 2022

Caught in the crossfire: How the Russia-Ukraine crisis is exposing firms to cyber risk and what they can do about it

Read More

March 29, 2022

Don’t be an open window: combatting cyber threats for private equity firms and their portfolio companies

Read More

Related Reports

Sales League Table Report 2022

£1,500.00 / year

Know More
Global Digital Banking Vendor & Landscape Report Q4 2022

£1,500.00 / year

Know More
Wealth Management & Private Banking Systems Report Q4 2022

£1,500.00 / year

Know More
Global Transaction Banking Vendors and Landscape Report Q4 2022

£1,500.00 / year

Know More
Treasury & Capital Markets Systems Report Q4 2022

£1,500.00 / year

Know More