Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites.
Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. For avoidance of any doubts and to make it easier, you may consider any links to external websites as sponsored links. Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

MAKING IT SECURE IN THE FINANCE DEPARTMENT – WHY EMPLOYEE EDUCATION IS ESSENTIAL

Neil Bramley, B2B PC Business Unit Director, Toshiba Europe

Neil Bramley
Neil Bramley

CIOs today are confronted with an ever-evolving IT landscape, which brings opportunity and risk in equal measure. For every new device which enables enhanced productivity and the ability to work from anywhere, there is also one more potential security loophole within the business. Managing this balance between embracing workflow-enhancing innovations and ensuring strong security defenses is crucial, and so companies look to the senior IT team to help workers safely transition to new technologies and devices which can help them maintain a competitive edge.

While maximising both productivity and security hand-in-hand is a tricky objective, it is still the end goal and expectation many companies place on their CIO. The challenge is that behind every device there is a user, a user who is often the weakest link – even in the most secure IT infrastructure.

CIOs by definition tend to work within established companies with hundreds or thousands of employees, based across a multitude of departments and often over several regions. All staff have different technological requirements, and this is especially the case when it comes to security. Managing all of these staff is a daily challenge for IT departments, and IT education should be a central part of any strategy. But should they be focusing more on certain departments than others?

A Toshiba survey of senior IT decision makers across Europe found that finance staff are among the most likely to ignore any regulations put in place when it comes to using IT solutions without official approval, with 27% of those questioned stating this view. Financial data should be among the most securely protected within a company’s network, but human error can quickly undo any robust barriers that are in place. There is of course significant risk associated with the mismanagement of financial data, so it is essential companies focus on educating their finance staff on IT protocols and best practice, and the importance of toeing the line. Within the department, companies will not only hold their own financial records, but also potentially payment details for customers and partners which, if breached, would be severely damaging for all involved.

But this challenge goes beyond the finance departments, with Toshiba’s research showing that the majority of companies are experiencing difficulties of this nature. 84% of those surveyed said the unauthorised use of IT systems and solutions happens to some degree within their company, with 43% saying it is a widespread problem. This is most true with the hardware in use, where file safety is literally put into the hands of employees. For example, many staff may feel it is acceptable to use a personal device while working from home, lacking any in-built security barriers which should be in place when working outside of the office. In reality, it is essential staff consistently use business-built hardware which combines security with productivity-enhancing solutions. Devices such as Toshiba’s Portégé Z20t-C are built for modern business, and feature robust tools. In the case of the Z20t, Toshiba’s own BIOS provides enhanced manageability, while additional peace of mind is provided through the enhanced encryption and secure sign-in options of the Trusted Platform module (TPM) feature.

Ultimately, responsibility for IT security falls at the feet of the CIO, and any data breaches or attacks today can be critically damaging for a company – risking fines and destructive reputational damage. Technology can and must play an integral part in maintaining a secure IT infrastructure. Zero client solutions, for example, provide one way of addressing data leak issues, as they can provide a secure environment which moves all data, solutions and applications away from the potential vulnerabilities of a specific device, while also offering the freedom for different departments to embrace varied, hosted solutions. But equally important is the human touch, and CIOs must make sure all employees are well educated when it comes to the IT strategy and infrastructure put in place. If not, they will be the first to be held accountable for any security crisis. Many companies fail to invest in security defenses until they’re forced into action by a major incident – by which time it is often too late. It is imperative CIOs act now to ensure they and their employees are doing everything they can to safeguard the business against growing IT security hazards.