Security

08:30 AM
Greg MacSweeney
Greg MacSweeney
Commentary
Connect Directly
LinkedIn
Twitter
Facebook
Google+
RSS
E-Mail
100%
0%

Security Beyond the Firewall

With more and more mobile devices in use each day, the traditional corporate firewall's limits have been exposed.

The financial services industry has always been separated from the public by some sort of barrier. In the Old West, bank tellers sat behind iron bars. Even to this day, many retail banks have glass between the customer and the banker. Financial services enterprise data centers are housed in nondescript buildings, with perimeter security and state-of-the-art internal controls.

The same applies in the technology world. Traditionally, a financial firm's entire IT infrastructure sits safely behind a firewall. These safety measures have been in place since the beginning of, well, banking. But things are starting to change.

The increasing use of mobile devices by employees has moved the security perimeter far outside of the bank's firewalls. Now each device, which has corporate applications, customer data, and other sensitive information, needs to be secured. Furthermore, mobile device adoption by enterprise employees continues to grow, as more workers demand mobile functionality and tools.

[For more on how financial firms are approaching security challenges, read: Former FBI Agent Talks Cyber Security With Deloitte].

Large financial institutions have a big challenge when it comes to securing and supporting their mobile users. Fidelity Investments, one of the world's largest mutual fund managers, has approximately 40,000 employees and manages close to 20,000 mobile devices, including smartphones and tablets. JPMorgan has more than 200,000 employees globally. If it had the same mobile adoption rate as Fidelity, it would have close to 100,000 devices under its watch.

In addition to the increase in mobile usage, firms have to protect other things outside the firewall. Recently, law enforcement officials have said they fear hackers will try to destabilize the markets by infiltrating trading systems or exchanges. The move to destabilize the markets is a marked shift from prior hacks, where criminals tried to steal data for monetary gain. The SEC has stated that the number and sophistication of attempted hacks into the infrastructure supporting the financial markets are intensifying.

The increased security concerns surrounding the financial markets motivated the SEC to begin querying financial firms about their security practices and procedures as part of their annual audits. For financial services leaders, securing everything from market connections to mobile devices will be under the SEC's microscope as the agency strives to make sure all firms are doing their part to avoid an infiltration that destabilizes the markets.

Though firewalls are still important, the overall amount of data, number of applications, and amount of data outside the firewall continue to grow. The new security battle will not only involve traditional safeguards such as firewalls, but also tools that can secure data, applications, and systems that are outside the traditional firewall.

Greg MacSweeney is editorial director of InformationWeek Financial Services, whose brands include Wall Street & Technology, Bank Systems & Technology, Advanced Trading, and Insurance & Technology. View Full Bio
Comment  | 
Print  | 
More Insights
More Commentary
SEC Examinations: What to Expect When the SEC Is on It's Way
Theodore Eichenlaub highlights trends in SEC expectations and how to approach a risk assessment of your compliance program.
The Value of Predictive Analytics in Financial Services
Risk management and customer data are two key areas where data analytics is being applied in financial services.
Moving the Trader Closer to the Investment Process
The sell side can demonstrate more value by applying analytics to pre- and post-trading, and by educating buy-side clients about broker segmentation, trading behavior and algorithm shortcomings, and more.
Wirehouses May See More Independent BDs as Retention Packages Expire
Retention bonuses are expiring, leaving brokerages vulnerable to attrition. Is access to technology making it easier for brokers to go independent?
SCI: A Whale of a Regulation
The SEC's Reg SCI weights in at a whopping 742 pages. Here is what you need to know about the oversized regulation.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - Elite 8, October 2014
The in-depth profiles of this year's Elite 8 honorees focus on leadership, talent recruitment, big data, analytics, mobile, and more.
Video