Security

08:30 AM
Greg MacSweeney
Greg MacSweeney
Commentary
Connect Directly
LinkedIn
Twitter
Facebook
Google+
RSS
E-Mail
100%
0%

Security Beyond the Firewall

With more and more mobile devices in use each day, the traditional corporate firewall's limits have been exposed.

The financial services industry has always been separated from the public by some sort of barrier. In the Old West, bank tellers sat behind iron bars. Even to this day, many retail banks have glass between the customer and the banker. Financial services enterprise data centers are housed in nondescript buildings, with perimeter security and state-of-the-art internal controls.

The same applies in the technology world. Traditionally, a financial firm's entire IT infrastructure sits safely behind a firewall. These safety measures have been in place since the beginning of, well, banking. But things are starting to change.

The increasing use of mobile devices by employees has moved the security perimeter far outside of the bank's firewalls. Now each device, which has corporate applications, customer data, and other sensitive information, needs to be secured. Furthermore, mobile device adoption by enterprise employees continues to grow, as more workers demand mobile functionality and tools.

[For more on how financial firms are approaching security challenges, read: Former FBI Agent Talks Cyber Security With Deloitte].

Large financial institutions have a big challenge when it comes to securing and supporting their mobile users. Fidelity Investments, one of the world's largest mutual fund managers, has approximately 40,000 employees and manages close to 20,000 mobile devices, including smartphones and tablets. JPMorgan has more than 200,000 employees globally. If it had the same mobile adoption rate as Fidelity, it would have close to 100,000 devices under its watch.

In addition to the increase in mobile usage, firms have to protect other things outside the firewall. Recently, law enforcement officials have said they fear hackers will try to destabilize the markets by infiltrating trading systems or exchanges. The move to destabilize the markets is a marked shift from prior hacks, where criminals tried to steal data for monetary gain. The SEC has stated that the number and sophistication of attempted hacks into the infrastructure supporting the financial markets are intensifying.

The increased security concerns surrounding the financial markets motivated the SEC to begin querying financial firms about their security practices and procedures as part of their annual audits. For financial services leaders, securing everything from market connections to mobile devices will be under the SEC's microscope as the agency strives to make sure all firms are doing their part to avoid an infiltration that destabilizes the markets.

Though firewalls are still important, the overall amount of data, number of applications, and amount of data outside the firewall continue to grow. The new security battle will not only involve traditional safeguards such as firewalls, but also tools that can secure data, applications, and systems that are outside the traditional firewall.

Greg MacSweeney is editorial director of InformationWeek Financial Services, whose brands include Wall Street & Technology, Bank Systems & Technology, Advanced Trading, and Insurance & Technology. View Full Bio
Comment  | 
Print  | 
More Insights
More Commentary
What Will the Financial Back Office of Tomorrow Look Like?
Asset managers are increasingly looking to automate their manual back office workflows. Confluence calls it the "back office revolution."
Bankrolling Technical Debt: A Financierís Guide
Technical debt represents the effort required to fix source code or application problems that put the business at risk.
Staying Ahead of the Game With Continuous Delivery
The need to develop better software faster is leading financial organizations to continuous delivery (CD), a practice pioneered by SaaS companies like Salesforce.
Shore Up Cyber Security Now
Knowing that a data breach can and will happen at some point, asset management firms can manage new operational and regulatory risk with a layered approach to cyber security.
Is Big Data a Problem or an Opportunity?
When it comes to data, financial services firms are, as a rule, quite circumspect. They fear cyberattacks, data theft, data loss, security breaches, data privacy, and human error.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - July 2014
In addition to regular audits, the SEC will start to scrutinize the cyber-security preparedness of market participants.
Video