Security teams and IT departments at large enterprises across all industries are faced with securing against an ever expanding attack surface daily. Previously, vulnerable points of entry used to live within the organisation’s walls, where firewalls and
inline security tools could protect them. But as networks have evolved to accommodate the constantly evolving, borderless cloud environment, IoT and a mobile workforce, organisations are now faced with a uphill battle to secure themselves.
Technological advances, paired with news way of working have allowed employees to work virtually anywhere. However, this has led to an increase in connected endpoint devices which pose a security threat. This too, is true for highly regulated industries
such as the financial services.
What the stats are saying…
A
study by London Business School found a third of business leaders expect more than half of their workforce to embrace the mobile working trend by 2020. Additionally, 25 per cent said more than three-quarters would work outside the office by the turn of
the decade. The technological capabilities (cloud services, file sharing tools, etc.) are already in place for this shift to become a reality.
Nearly
two-thirds of employees use their own personal devices to work, which blurs the lines between their professional work and their personal lives. It also increases the chances that they’re using productivity applications and tools, often hosted within the
cloud, that may not be approved by their company.
While increased employee flexibility and technological tools may enhance productivity, recklessness can prove to be detrimental to an enterprise’s reputation and bottom line. The same study shows that 69 per cent of all employees ignore corporate policies
and use unauthorised, and often unsecured, free file-sharing services to access and send out corporate files. In fact, more than three-quarters of employees in the financial services industry are reported to be using free file sharing applications.
In terms of mobile workers, 45 percent of employees claim that they are
not concerned about the security of business data they store and access from mobile devices, often believing that the security on these devices, or the online applications they are using, is either secure enough, or someone else’s responsibility.
The threats from remote working
The value of the data held by the financial services industry has long meant it has been popular target for cybercriminals. With remote working set to increase in the coming years, the industry has become an even more attractive target.
Employees using more devices such as their tablets, mobile phones, personal laptops, and file sharing services to access sensitive information all contribute to a rising number of access points, resulting in more open doors through which cybercriminals are
able to gain access to valuable data. In addition, remote employees often fall victim to phishing scams, or have their devices hacked due to weak authentication methods, creating new security challenges for corporate IT teams.
Considering this, it should come as no surprise that one of the largest thefts of customer financial data in recent memory stemmed from cybercriminals gaining access to an employee’s computer as they worked from home.
How to combat the cyberthreats presented by remote working
Financial services organisations need to make sure they’re up to the task of protecting their expanding ecosystem of networks, and its often highly mobile data from the threats posed by cybercriminals. They need to strengthen their security posture, identify
where their critical assets are located, and respond to threats in real time. Integrated systems allow IT teams to monitor threats across the borderless network and wrap all security devices into a single platform, providing the access and visibility needed
to be successful.