Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Can the financial industry ever be truly flexible?

By Dave Hornby, Business Development Engineer, EMEIA at Jamf

The financial industry is tasked with keeping a secure network and following a plethora of strict industry standards. While Regulators in the UK and Europe have loosened some of the rules for companies to continue operating at a time of crisis, the financial industry must continue to be both compliant and conformant to requirements or they could face heavy fines and court action.

These fears teamed with managing remote staff who are logging in from an array of premises, with devices that may not be owned by the company, has meant remote working hadn’t previously enjoyed widespread adoption until it became compulsory for non-essential workers to stay at home.

The key to solving this challenge is by striking a balance between data protection, compliance and employee trust and productivity. Financial organisations need to first gain a holistic overview of how employees will use devices to access information, what access employees need to perform their role, and how the organisation can offer a great experience while implementing a secure and robust device and app management strategy.

Securing Remote Workers

The safety of an organisation’s customers, workforce and devices should be paramount and that means looking at the type of devices connecting to the network. Choosing devices that employees are familiar with, and may already have, can go a long way in making sure user productivity continues. Apple has increasingly become a firm favourite within the enterprise because it’s easy to use and manage, and has numerous built-in native security features that can be leveraged – even the App Store is closely vetted with guidelines.

Managing installs

Financial organisations need to look at, and pre-approve, the apps and software that are required by employee role and ensure they meet compliance and regulatory requirements. The Financial Conduct Authority (FCA) is the conduct regulator for 58,000 financial services firms and financial markets in the UK, and has strict guidelines which businesses must adhere to in the office and at home.

All software and apps need to be systematically updated regularly, including the operating system in order to get essential security updates as well as functionality. A rogue app can be used to share confidential data and gaps in software can lead to weakened entry points – perfect for cyber criminals to attack. The IT department can empower employees with privileges to install specific apps and software to work productively but additional security may be needed to remain secure. For example, some threats are at root-level: Zoom’s recent vulnerability was due to the use of an insecure system API Authorization Execute With Privileges, which could allow attackers to hijack the camera and microphone of users as well as elevated privileges. This is why device security alone is not enough and several security layers are needed.

By using a third-party solution provider, IT teams can manage the roll out of both devices and apps that enable them to maintain the security of those devices from one central location and at the click of a button. This will also help to identify where there are gaps in security and what access is needed. The IT department can then impart access to employees to take on some of these actions, helping to build an environment of trust and reducing the burden on the team.

Additionally being able to detect anomalies in usage, can help to identify the prevalent threat patterns attacking the business to help focus where security needs to be applied.

Access management

A common bugbear for IT departments is the ongoing burden of password reminders and resets, but if employees are unable to login or access their emails and systems, the working day can grind to a halt. Organisations can empower employees to receive login reminders or resets and provide multi-factor authentification to add an extra layer of security.

Financial organisations must show evidence of delivering strict, specific and appropriate access to information for employees. It’s a particularly pressing matter within the finance and banking industry as insider trading remains an ongoing issue and can heighten during the lockdown.

Employees should have access to specific files and documents relevant to their position. If an employee moves department, the IT team can simply revoke their access from one and assign them to another – keeping them productive and the business safe.

If a breach does occur, being able to remediate and analyse the entry point is vital – this way the IT team can quickly login and lock down that MacBook or iPad to stop the threat from spreading.

Educating staff

While the current crisis has meant financial organisations have had to think quickly and deploy remote working at scale, it is an opportunity to provide updated communication plans to all staff on security policies and expectations.

The financial industry can be more flexible in its working practices for the benefit of its employees and customers – as long as the right security steps are taken to remain compliant. Technology solutions that can make managing consumer IT, such as Apple, a benefit when needing to create a remote workforce will be essential– particularly if that solution can offer overall visibility and threat detection.

This is a Sponsored Feature