Five Risk Management Must-Haves for Modern Financial Institutions
Bonnie and Clyde wouldn't recognize many of today's bank robbers. While a modern-day heist still involves stealing money, it's more likely to feature someone sitting in a basement somewhere, taking both dollars and data by hacking a network.
Banks, credit unions and investment firms face new challenges when attracting customers and expanding market share. They need to do more with less by integrating technology with core banking systems and accounting for how millennials do things differently than their parents did (buying homes and applying for loans, for example). With these challenges comes the need to upgrade technology.
If you work with other people’s money, the security of the technology you put in place should be top of mind. What are the best tools at your disposal right now?
1. Security as a Service
One of the biggest hurdles for any organization is ensuring the security of their data. A Security Operations Center (SOC) can help. A SOC will monitor your systems to detect data breaches and respond to them for you. This can be valuable for an organization that does not or cannot employ full-time cybersecurity experts to watch network activity.
2. Cybersecurity Scores
Cybersecurity scores are like credit scores; they assess and score information security within an organization. A detailed assessment will review security controls at four different levels within your organization and give a numerical score based on these controls. With your score, your organization can make calculated improvements to manage risk. The score is also a valuable tool to prove you’re secure to customers, partners and vendors.
3. Printer and Fax Security
We encourage financial institutions to pay special attention to the security of their printers, copiers, scanners and fax machines. This means recognizing that any network-connected device is an endpoint that can be hacked and utilizing secure follow-me-print technology. Follow-me-print solutions offer reporting tools that will meet security compliance requirements from auditors. We've heard from clients in the financial industry that they can’t just check a box anymore saying they’re compliant, and these reports help to prove compliance.
Learn how one multi-branch business made printing more efficient for employees traveling between locations.
4. Connectivity Checks
Some of the most basic advice we can offer is to stay on top of your systems. Make sure regular maintenance is performed and that everything is running the way it is supposed to. IT departments get busy and it’s easy for something to be overlooked.
For organizations with branch locations, when was the last time connectivity between branches was evaluated? This might mean re-evaluating Wide Area Networks (WAN) or keeping track of other infrastructure projects such as wireless, switches, firewall, anti-virus, backup, disaster recovery and business continuity.
5. End-User Security Education
From the people who manage and secure your IT infrastructure, to your employees and customers, everyone needs to be vigilant about keeping data secure. Cybercriminals are getting smarter and using social engineering to convince end users to click. They access your network first and could be there for months, silently watching who you interact with regularly. This makes it easier for them to trick you into thinking a phishing email came from someone trusted within your company.
Do your end users know how to spot a phishing email? Do they know to call for help when red flags like lost connectivity or unexplained system slow-downs occur? Your network is only as secure as your least-trained end user.
Any member of banking and finance organizations such as the Independent Community Bankers of America or the Minnesota Bankers Association can tell you that technology is changing the industry. We’ve all seen examples at recent seminars and tech conferences. We’re attending them alongside our customers and are tasked with presenting new ways to leverage technology and help their organizations succeed. Bringing fresh, innovative ideas is a part of our business. Making sure our banking customers succeed is our greatest achievement. If you need help with any of the suggestions above, don't hesitate to contact us.
Ray is an IT account executive with nearly 25 years of experience making IT work for companies of all sizes. He has spent the last 5+ years working primarily in the banking and finance market. Ray understands the challenges of the industry and impact of today’s compliance and security pressures. In his free time, Ray enjoys coaching soccer and reading.