Security

01:40 PM
Becca Lipman
Becca Lipman
Commentary
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

Financial Service Employees Ranked 2nd-Riskiest Users of Cloud Services

Skyhigh Networks reports that financial services demonstrated some of the most risky behaviors among major industries.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Becca L
50%
50%
Becca L,
User Rank: Author
8/30/2014 | 9:02:07 PM
Re: Oh no
Perhaps it all comes back  to building a sound corporate policy, classifying data and deciding what information needs X level of protection. It's terrible that this is happening in such a risky way, but there's little companies can do beyond education to stop users from downloading unsecure cloud apps. They have to have an open conversation in which they acknowledge the reality of user behavior and talk about pragmatic security.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
8/13/2014 | 4:01:12 PM
Re: Human nature
Jon, as you stated, there is often confusion between banks and cloud providers about who is responsible. That is one of the reasons why many banks have been slow to move to the cloud.

As far as the regulators are concerned, however, all of the responsibity belongs to the bank, no matter what is says in SLAs.
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
8/11/2014 | 3:55:18 PM
Re: Human nature
It's not just employees using cloud apps that could create security risks. There's often issues with the enteprises' approved cloud vendors too in terms of confusion over who has what responsibilities in regards to security. Those issues will get worked out over time as companies gain more experience with the cloud, but for now they are a big concern and show the need for greater communication and education between cloud providers and clients.
Byurcan
100%
0%
Byurcan,
User Rank: Author
8/8/2014 | 10:37:14 AM
Oh no
Well this isn't good news, considering fianncial services employees are dealing with the most valuable and sensitive of data. I guess there is always more training needed on proper protocol. 
KBurger
100%
0%
KBurger,
User Rank: Author
8/8/2014 | 9:16:27 AM
Human nature
This actually surprises me, given everything we've reported and heard industry folks discuss about security concerns @ the cloud, etc. I'm not surprised that there are issues, but am surprised that the problem is so extensive in financial services. But I guess it comes down to human nature, as Rajiv Gupta says: "Employees in financial services are no different than employees anywhere. We all want to get our jobs done in an efficient way. We choose highly usable, flexible, scalable services in our personal lives, and we want to use the same things in our professional lives." It's kind of a Pandora's box, in that there's no going back on restricting employees' use of these cloud-based capabilities. Financial services firms have to figure out how to channel this aspect of consumerization to boost productivity and employee engagement without increasing risks.
More Commentary
Gartner: 75% of Mobile Apps Will Fail Security Tests Through 2015
The rise of BYOD means enterprises must implement security testing and containment solutions, according to new Gartner research.
Chip & Pain, EMV Will Not Solve Payment Card Fraud
Switching to EMV cards will lower retail fraud, but it's not enough. Here's the good, the bad, and the ugly.
With UCITS V, $9T Isnít as Easy as It Used to Be
With UCITS V's restrictive remuneration rules and hidden costs, going global may get a little less attractive.
Banks to Increase IT Spend on Big Data Challenges, Finds Aite Report
Big data has presented the greatest challenges and dissatisfaction for banks, yet it is the most likely to see upward spending in the next two years.
Scotland Independence Vote: Haggis & Fragmentation
Scottish independence has far-reaching consequences for the global financial markets.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - July 2014
In addition to regular audits, the SEC will start to scrutinize the cyber-security preparedness of market participants.
Video