Blog article
See all stories ยป

Computer Security - Bankers Cannot Ignore It But It Will Never Be Completely Safe

In 1983, I completed a computer security test for a Top Tier U.S. bank. Their idea not mine, because the CEO was alert enough and worried about early signs of computer crime in banking. I never considered myself a computer security expert then, and certainly not now.  But the bank chose me as a guy who knew banking IT from A to Z, and could develop an objective test without strings attached (in contractor parlance "strings attached" means staying on the job forever). 

My test had a beginning, a process, and an end.  It included 39 ways to rob a bank with a computer. I played the role of the robber, and several employees of the bank played the role of several employees of the bank.  The bank failed only three of the tests, and they admitted defeat after the dress rehearsal.  "Give us a chance to fix them," they said.  When opening night arrived at the CEO theater, the employees of the bank joined me.  No prima donnas attended.  The CEO listened attentively to my presentation.  At the end of the third act, he asked his employees one question.  Tell me how you plugged the three voids.  They did, and the emphasis was on past tense.  Done deal.  The applause for the employees was loud and enthusiastic, for there were other worried executives in the theater who didn't have the power to do anything about computer security, except worry about it.  I need to say this - That's why exceptional CEOs are worth every penny of the millions of dollars they are paid.  They make good things happen during good times and bad.

Fast forward to 2017.  Now there are thousands of ways to wrongfully disrupt a bank, and  literally millions of modern-day Wilie Suttons with tech skills far superior to those of keepers of the "vaults."  Block a hacker today, he'll/she'll invent a new scheme tomorrow. 

Reality:  There isn't a bank in the world that will plug up all the seams and holes of a system.  In fact, bankers brag about how they provide easy access to their customers' money and data, any time, anywhere and without the latest access technology.  "Easy" is one of those words that influenced the 2008 financial crisis.  "You own a home or want to buy a home, we'll mortgage it for more than it's worth.  Sign here." 

That's why banking is a regulated industry, because bankers need to be watched - all the time.  Lessons from past disasters don't seem to be a good educational tool for protection against next disasters. 

What we know now is that the Bank Examiners, Bank Customers, Bank CEOs, The Congress, and Bank Stockholders will love any bank for trying to keep the bad guys out.  Do something even if it isn't everything!  Following is a list of solutions that may provide a good start towards doing something.  And remember, you should be able to run a bank a lot better than a President or Congressman.  So before deregulation gets on a roll, your actions to adopt safe solutions will be a lot better than yelling, "Show me the evidence, Donny!"

                   










COMPLIANCE, SECURITY, FRAUD CONTROL & RISK MANAGEMENT

ACI Worldwide Payments Risk Management
Baker Hill Exception Advisor
Baker Hill Profit Risk Advisor
Compliance Systems, Inc. Simplicity
Continuity
D+H eSearch - Know Your Customer
D+H IncomeVerify
D+H Cavion Security Solutions
D+H Compushare Risk Director
D+H Compushare Compliance Consulting
D+H Enterprise Fraud Management
D+H Compushare Managed Network Security
Entersekt Online Banking Security
Entersekt Mobile Banking Security
Entersekt Transaction Security
Entersekt Transakt
First Data Network & Security Solutions
FIS Secured
FIS Compromise Manager
FIS ID Protection Service
FIS Debit Report
FIS Verification & Authentication
FIS Risk Case Manager
FIS QualiFile
FIS Account Ownership
FIS Address Analysis
FIS DepositShield
FIS Employee Fraud Detection
FIS FraudFinder
FIS FraudLink KIte Detection
FIS On-Us Deposit Fraud
FIS AML Compliance
FIS OFAC/Watch List Filtering
FIS Compliance Databank
FIS Compliance Analyzer
Fiserv Financial Crime Risk Management for Cards
Fiserv Financial Crime Risk Management
Fiserv Onboard Advisor
Fiserv FraudNet
Fiserv - Financial Crime Risk Management
Fiserv - Financial Control Solutions
Fiserv - Financial Accounting, Budgeting & Planning solutions (Prologue)
Fiserv - Onboard Advisor
Fiserv - Activity Exception Management
Hyland Software - OnBase
Jack Henry Yellow Hammer Fraud Detective
Jack Henry Yellow Hammer Bank Secrecy Act compliance and risk mitigation
Jack Henry Yellow Hammer EFT Fraud Detective
Jack Henry Yellow Hammer ACH Origination
Jack Henry Yellow Hammer Wire Origination
Jack Henry Centurion Business Continuity Planning
Jack Henry Centurion Disaster Recovery
Jack Henry Centurion Data Replication Service
Jack Henry Centurion Co-Location Redundant Hardware Backup
Jack Henry Centurion jVault Power Backup
Jack Henry Centurion Enterprise-Level Recovery for Microsoft Windows servers
Jack Henry Centurion jhArchive remote electronic backup
Jack Henry Centurion Emergency Notification
Misys FusionRisk
Misys FinCloud
NYMBUS
ProfitStars - Regulatory Reporting
ProfitStars - Call Report Pro
ProfitStars - Branch Deposit Reporting Pro
ProfitStars - Fed File Pro
ProfitStars - Annual Disclosure Statement Online
ProfitStars Gladiator CoreDEFENSE Managed Security Services
ProfitStars Gladiator Enterprise Security Monitoring
ProfitStars Gladiator NetTeller Enterprise Security Monitoring
ProfitStars Advanced Malware Protection
ProfitStars Gladiator eShield
ProfitStars AlertCenter
Temenos Insight Risk Intelligence
Temenos AML Screen
Temenos AML Profile
Temenos BankerVMS
Temenos BankRISK
Temenos TriComply
Vantiv Fraud Detection System
Vantiv EMV, Tokenization and Point-To-Point Encryption
Wolters Kluwer Financial Systems (30 products)



    The products and services listed above were extracted from "Automation in Banking - 2016," which was published on December 12, 2016.  Because of the dynamics in product development, I am reporting that this list may have changed in the past four months. 

a member-uploaded image

Comments: (0)

M. Arthur Gillis

M. Arthur Gillis

helping banks with technology

Computer Based Solutions, Inc.

Member since

20 Nov

Location

Atlanta

Blog posts

21

Comments

2

This post is from a series of posts in the group:

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...


See all