Security

08:30 AM
Greg MacSweeney
Greg MacSweeney
Commentary
Connect Directly
Facebook
Google+
LinkedIn
Twitter
RSS
E-Mail
100%
0%

Security Beyond the Firewall

With more and more mobile devices in use each day, the traditional corporate firewall's limits have been exposed.

The financial services industry has always been separated from the public by some sort of barrier. In the Old West, bank tellers sat behind iron bars. Even to this day, many retail banks have glass between the customer and the banker. Financial services enterprise data centers are housed in nondescript buildings, with perimeter security and state-of-the-art internal controls.

The same applies in the technology world. Traditionally, a financial firm's entire IT infrastructure sits safely behind a firewall. These safety measures have been in place since the beginning of, well, banking. But things are starting to change.

The increasing use of mobile devices by employees has moved the security perimeter far outside of the bank's firewalls. Now each device, which has corporate applications, customer data, and other sensitive information, needs to be secured. Furthermore, mobile device adoption by enterprise employees continues to grow, as more workers demand mobile functionality and tools.

[For more on how financial firms are approaching security challenges, read: Former FBI Agent Talks Cyber Security With Deloitte].

Large financial institutions have a big challenge when it comes to securing and supporting their mobile users. Fidelity Investments, one of the world's largest mutual fund managers, has approximately 40,000 employees and manages close to 20,000 mobile devices, including smartphones and tablets. JPMorgan has more than 200,000 employees globally. If it had the same mobile adoption rate as Fidelity, it would have close to 100,000 devices under its watch.

In addition to the increase in mobile usage, firms have to protect other things outside the firewall. Recently, law enforcement officials have said they fear hackers will try to destabilize the markets by infiltrating trading systems or exchanges. The move to destabilize the markets is a marked shift from prior hacks, where criminals tried to steal data for monetary gain. The SEC has stated that the number and sophistication of attempted hacks into the infrastructure supporting the financial markets are intensifying.

The increased security concerns surrounding the financial markets motivated the SEC to begin querying financial firms about their security practices and procedures as part of their annual audits. For financial services leaders, securing everything from market connections to mobile devices will be under the SEC's microscope as the agency strives to make sure all firms are doing their part to avoid an infiltration that destabilizes the markets.

Though firewalls are still important, the overall amount of data, number of applications, and amount of data outside the firewall continue to grow. The new security battle will not only involve traditional safeguards such as firewalls, but also tools that can secure data, applications, and systems that are outside the traditional firewall.

Greg MacSweeney is editorial director of InformationWeek Financial Services, whose brands include Wall Street & Technology, Bank Systems & Technology, Advanced Trading, and Insurance & Technology. View Full Bio
Comment  | 
Print  | 
More Insights
More Commentary
Driving Information Security, From Silicon Valley to Detroit
As software interacts with more and more of our daily lives, technology providers may be liable for more damages than they have in the recent past.
Big Data's Challenge: Matching Business Needs With Technology
All those bits and bytes only add up to something when they’re organized, arranged, and made coherent.
Single Source, Many Truths
If the data quality is not at fault, why then might departments reject the data? The answer is that there are two aspects to data quality: factual correctness and contextual correctness.
Predictions Come True as Regulators Swoop
While two out of the five capital markets predictions from July have already come true, let's hope that all five don't actually happen.
IBOR Before It Was "IBOR"
While its catchy new nomenclature and explosion in popularity has given the outside world an impression that it is novel, the same conversations about it were happening twenty years ago. So why then is IBOR the latest buzz word for firms today?
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - July 2014
In addition to regular audits, the SEC will start to scrutinize the cyber-security preparedness of market participants.
Video