Despite facing a storm surge with significant changes due to the abundance of digital products that flood the market, banks continue to fulfil the same essential function of centuries ago – guard the funds of their customers, at the most basic level, and guide to customers towards responsible and fruitful financial decisions.
Bank robbers have also retained the same central objective in the face of the spread of the digital disorder, although their tactics have now changed that the best way to carry out a robbery without being caught no longer requires a mask and a ransom note. Consider that this is an evolution of the bank robbery of the past, although now instead of going directly to the vault, thieves infiltrate the network.
The digital era has been profitable but also a burden for financial services just for this reason. A large number of financial technologies have begun to stand out by changing the way customers view and interact with their banks. These financial technologies – fintech – satisfy the tastes of current consumers for convenience and immediate support, but only contribute to blur the perimeter of the network of banks where the assets of their consumers are stored.
Fintech Poses Greater Risks to Perimeter Security in Banks
The Office of the Comptroller of the Currency issued its Semi-annual Risk Outlook for spring 2017 last July, citing the expansion of fintech as the main strategic risk for financial services in the current market. As banks decide to expand their products and services while exploring new channels of communication with the client, operational risks begin to stand out requiring the adoption of preventive measures.
Alternative payment tools, for example, are a popular fintech solution that consumers are massively adopting, often with a deficit for their personal safety and that of their institution. Many banks have problems addressing the compliance risks that these less-transparent payment services (usually delivered through a third party, non-financial applications) require, increasing the risk for money laundering schemes to go unnoticed already that these services access the bank accounts of customers directly. This is because new technologies and typologies usually pile up on the network cumulatively, forcing IT to juggle a flock of new processes while ensuring the performance and security of its legacy systems.
What options do banks have?
How can banks that are adopting fintech to diversify their products and services, focus on cyber security – or, more importantly, how should it be?
To begin with, banks must ensure that they are incorporating “defence in depth,” strategies that display several highs among possible malicious entities and sensitive personal identifiable information stored within a bank network. In doing so, they must ensure that by adapting several layers of defences, they are not creating the potential for latency that would reduce the convenience of using fintech first, without wanting to make any of the possible benefits null for customers. One way to avoid this is to take advantage of a Web Security solution on the Gateway that can discriminate traffic based on access and permissions. Banks should take advantage of gateways where they can create white lists and blacklists of Internet access to ensure that third-party traffic does not infiltrate the most sensitive channels.