In the past, it wasn’t uncommon for organizations to maintain basic information security: a firewall, anti-malware software, and maybe a few other resources. But modern operating environments require financial institutions to go beyond limited measures and implement multiple security layers to protect their sensitive information, infrastructure, and other assets.
Today banks and credit unions have a variety of elements that comprise their computer networks, and these components require numerous security solutions for them to operate securely. There’s no such thing as having too many solutions—although some entities invest in more resources than they can competently manage. The most appropriate approach is for institutions to employ all the security layers they can afford to pay for and oversee effectively.
The security landscape has changed significantly over the years. With the evolution of technology, cybercriminals are launching more frequent and sophisticated attacks against organizations. (The bad guys have it easy; they only have to get it right once. Security professionals, on the other hand, have to get it right all the time.) Currently, the top security threats for financial institutions are a remote workforce, ransomware, and the Internet of Things devices like webcams, Amazon Alexa, and Google Chromecast.
Financial institutions often select security products based on what their security posture requires to pass exams. But the emergence of new threats is motivating more institutions to select solutions not just based on examiner expectations, but to also consider what is essential for operational safety. Generally, the security products that institutions invest in are determined by their cost and ability to mitigate risk.
For the most part, the financial services industry is interested in solutions that require minimal management involvement and customization to be effective. The industry also tends to adopt solutions once they’ve reached a certain level of commoditization and are priced lower. For example, well-commoditized solutions like anti-virus agents and anti-ransomware tools allow institutions to protect against expensive threats for the minimum cost. An effective anti-malware agent—especially one with some specific anti-ransomware technology—is another essential layer for endpoint protection.
Ultimately, increased competition leads to technology innovation and consolidation. A good example of this is what’s happened with firewalls. Implementing a firewall used to equate to a simple router that separated public and private networks. Things evolved when people began adding dedicated appliances like intrusion detection and prevention systems, antivirus gateways, web content filters, and other technologies. Through commoditization, these different elements became consolidated into the firewall to create a unified threat management system. More recent innovations that allow institutions to inspect encrypted traffic and sandbox potentially hazardous traffic have ushered in the next-generation firewall.
Going Beyond Basic Requirements
A fundamental requirement for layered security is multi-factor authentication (MFA), which involves several elements for validating the identity of users. While some organizations have concerns about MFA negatively impacting user experience, the technology provides an advanced level of protection that strengthens security.
Transport Layer Security is now implemented to secure over 80% of web traffic. The TLS protocol is used to encrypt data between a web browser and a website. While this is great for user privacy, it prevents institutions from inspecting all user traffic for threats. Transport Layer Security (TLS) Inspection has become a more common—and critical—security tactic for financial institutions. TLS inspection allows institutions to decrypt and inspect TLS traffic, so they can filter out malicious information and protect their network.
The increased adoption of endpoint security and other innovative technologies is making it easier for financial institutions to implement a layered approach to security. Safe Systems offers a wide range of security solutions to help community banks and credit unions incorporate multiple levels of protection to enhance their security posture.