Cyber security has recently been identified as one of the top risks facing banks, with the Bank of England’s systemic risk survey highlighting the extent of the challenge facing the industry. In response, banks have developed strategies to deal with such threats, backed by increased vigilance and innovative technology. But in a sector that is renowned for its global reach, the drive to offer convenience and ease of access to corporate and client data for staff on international assignments has changed the risk landscape forever.
The ubiquitous nature of smartphones and tablets has transformed the workplace, creating greater scope for flexible and remote working. But as the barriers to the use of personal devices have come down, the threat to corporate systems and confidential information has risen exponentially. Cyber criminals are eager to tap this rich seam of data and access gateway.
A sharp rise in the use of personally-owned devices in the workplace, dubbed ‘bring your own device’ or BYOD, has seen many organisations implementing policies for the use of non-corporate hardware. This trend is likely to continue, with some analysts forecasting a doubling of the current number of consumer devices in the workplace, reaching 350 million globally by the end of 2014. An additional challenge is also emerging in the guise of ’bring your own application’ (BYOA), where staff being confident with the latest app want that installed in all places that they work. Inevitably, this is likely to include personal, home and corporate devices.
With international assignments and remote working comes the risk of blurring the well-defined boundaries of a physical office, which goes well beyond the use of smart devices or the occasional day working from home. There is growing evidence to suggest that a greater focus is required to keep sensitive information away from prying eyes, while safeguarding the safety and well-being of staff.
Tackling this challenge is one that requires the involvement of HR, IT and security teams, to allow the development of a strategy that effectively addresses security, personal safety and corporate governance.
For any work in high risk areas staff should be issued with a ‘clean’ designated laptop, pre-loaded with a basic profile that does not contain company or personal data. This should have whole disk encryption installed, which renders the device unusable, should it fall into the wrong hands. In countries where stable internet access is available, some companies opt for ‘thin client’ type devices, which allow remote data storage over a secure connection, rather than held locally on the device itself.
Some simple additional steps, such as restricting the use of removable USB drives; strengthening passwords; and restricting user privileges can build further barriers to unauthorised access.
On location, the team must consider arrival and departure issues, particularly if carrying specialist kit and documents. Data storage and the possible removal of sensitive data from the jurisdiction can also prove challenging in some parts of the world.
Whether working out of a hotel room, a hotel meeting room, space in the firm’s local office or a client’s site, each scenario will present different security risks. Irrespective of the location, issues such as room cleaning and access control should be considered, alongside the safe storage and disposal of documents, flipcharts and diagrams.
Electronic devices are of particular concern and teams must remember working remotely means corporate security can only do so much; local security rests squarely with the staff on-site.
Laptops should be turned off when work is completed or not in use and these should not just be locked using the screen saver or left unattended in sleep mode, which may prevent encryption from being switched on. In particular, any training should highlight the importance of keeping an eye on laptops immediately after power down, as the encryption key is temporarily retained in the computer’s memory.
Public Wi-Fi hotspots have mushroomed in recent years and, while convenient, pose a particular security challenge for remote workers. If unavoidable, a secure connection, often referred to as a VPN, should be established before any sensitive data is transmitted or internet sites visited. Apart from the technical risks, there are also physical considerations, such as ‘shoulder surfing’ and eavesdropping. Likewise, if printing, copying or scanning a document on a digital device, including copy and fax machines in hotel business centres, an electronic copy is probably stored in that device and, therefore, vulnerable to unauthorised retrieval. For the same reason, electronic devices should not be lent or borrowed from anyone outside the organisation.
Security measures used for work-related equipment should also be used on personally-owned devices. It is important to remember that location services on smart devices and posting information to social media can inadvertently generate risks. Meetings where sensitive issues are being explored should be held in internal areas of the building and it is sometimes a good idea to change rooms with minimal discussion and notice. For high risk countries, some organisations may even opt to bring their own security specialist or employ a trusted source for technical security countermeasures (TSCM), such as bug-sweeping.
Mobile telephones pose a security challenge in their own right and should be protected, with particular attention to the SIM card. The same rules should apply to tablets, where appropriate.
Once back home, devices that have been used outside the office should be reviewed. Best practice would suggest quarantining such equipment before connecting to the corporate network, as any digital media used or collected during the visit and files transferred electronically could contain malware. A forensic examination of activity, such as existing processes/services, open connections, auto run features, remotely opened files, mounted and un-mounted volumes and virus content, will identify anything unexpected. This information, in addition to a formal debriefing of travellers returning from high-risk locations, will be valuable for future assignments and help develop a profile of personal and information security risks for a specific country, client or project.
International assignments, with or without smart devices, poses a particular security challenge. Preparation, investment in configuration and reporting procedures, along with training, vigilance and common sense, will help strengthen banks’ resilience to such threats.
Martin Baldock, CISSP-ISSMP, is a managing director of Stroz Friedberg, a digital risk management and investigations company.
5 steps for SMEs to budget properly for the coming year
By Fabio Comminot, Head of Dealing, Switzerland at Ebury, one of Europe’s largest Fintechs, has provided a five-step guide to make sure budgeting is done on time.
During the challenging times of COVID-19, it is difficult to forecast orders and costs. This is especially true for SMEs that operate internationally and therefore are exposed to currency fluctuations and market movements. So budgeting is immensely important.
Autumn is budget season for most companies. Upcoming project costs, sales and fixed costs must be defined or forecasted. Budget planning should be as accurate as possible right from the start of the process to avoid unexpected consequences at the end of the year..
With the effects of the COVID pandemic it has become difficult for all companies, no matter their size or history, to plan and make sales forecasts. Early planning and hedging are especially important for companies that work internationally and are therefore particularly exposed to currency risk.
These five steps will help SMEs take the right measures for the coming financial year, in time for budget season:
Step 1: Estimate your costs or sales in foreign currencies
As difficult as it may seem, every company must estimate its expected fixed and variable costs for the coming year. Most companies can forecast their revenues based on experience or existing orders.
However, start-ups or young companies should also be able to at least estimate their costs including rents, insurance, wages and production costs. Special attention should be paid to costs or revenues that are spent or received in a foreign currency.
Step 2: Profit or cost assurance – define the strategy
As soon as an approximate plan for the coming year is in place, the company should consider the importance of currency management. Regular earnings or expenditures in foreign currencies are exposed to movements in exchange rates. If costs in a foreign currency are to be forecasted until the end of the year, the company needs to minimise volatility. This means that the exchange rate should be fixed so that there are no unexpected negative consequences at the end of the year.
Another option would be to protect the operating profit. Fluctuating exchange rates can rapidly ruin intended profit margins. In this case the company could aim to define the forecasted sales in the foreign currency and fix the margin based on this.
Step 3: Fix your budget rates
The budget is set, the currency management goals are defined, the major part is done. Now it is a matter of defining the budgeted rates for the various currencies based on the current exchange rate. A buffer of about 5% can be useful when doing this – for example. instead of fixing the exchange rate from US dollar to Swiss franc at the current 91 cent, a rate of 95 cent could be budgeted. In this way, the minimum budget rate is defined and any negative exchange rate movement can be at least partially compensated for.
Step 4: Define the hedging strategy
With the targets and the budget course set, the next questions are: What currency developments can be expected? What is the industry outlook? Is the order situation relatively secure? Or is there practically no empirical data?
This step is where Ebury can support the company. Our experts in FX markets help answer these questions and begin to define the individual hedging strategy.
Step 5: Ensure a flexible fit
It’s done: the measures have been defined, now it’s time for implementation.
Ebury will implement the previous steps and , so that the company focuses on its core business. In contrast to traditional financial services providers such as banks, Ebury constantly monitors international trade and political events in order to assist clients with strategy adjustments. The Ebury team is supported by state-of-the-art technology and international currency analysts. It makes no difference whether the changes are driven by the currency market or whether the company’s order situation itself is changing. This allows the SME to focus on its operational business, which is worth a lot in uncertain times like these.
Nearly 14 Million1 UK adults more likely to spend on Black Friday than they were last year
Yolt launches evolved app to help shoppers save whilst they spend
- Across the UK, consumers are set to spend £6.4bn on discount days
- Despite the pandemic, 1 in 5 stated they would see an increase in their spending on Christmas this year, revealing they will be likely to spend £240 more than they spent last year
- Yolt today launches a brand-new evolution of the smart money app, which aims to help people save whilst they spend, saving a minimum of £416 a year
- To help people spend smarter this Black Friday, the smart money app Yolt has a host of new features including round up functionality, and cashback offers with a wide range of retailers including John Lewis, Argos, Asos and Domino’s
New research* from Yolt, the award-winning smart money app, reveals that over a quarter (26%) of UK adults have said they are more likely to wait for discount days, such as Black Friday, to do their Christmas shopping than they were last year. In response to the pandemic and to help people shop smartly in the run up to the festive period, Yolt has launched a brand-new evolution of its app designed to help users to save whilst they spend. New features include the Yolt account and virtual Money Jar, as well as new cashback partnerships with the likes of John Lewis, Argos, Asos and Domino’s. The evolved smart money app can be used to save shoppers a minimum of £416** a year.
Despite the challenging economic climate, Yolt’s data insights from the first lockdown period in the UK showed that there were increases of up to 355% on spending in categories such as groceries, online clothing retailers, takeaways, and streaming and gaming services. On top of this, Yolt’s data revealed a change in consumers’ financial priorities – with many attempting to save in lockdown, but 65% not being successful in doing so. Therefore, to enable people to find the right balance in their efforts to save for any uncertainty that lies ahead, but also enjoy discount days such as Black Friday and festivities in the run up to Christmas, Yolt has launched a host of new features uniquely designed to help people save whilst they spend.
The evolved app comes at a time of challenging economic conditions, where more UK consumers are actively seeking discounts to try and balance the books this Christmas. Yolt’s research found that consumers across the UK spend an average £6.4bn on discount days such as Black Friday.
In total, over a third (35%) of UK adults said they would be looking to take advantage of upcoming discount days, with nearly one in five (18%) stating they do all their shopping for Christmas and birthdays on discount days and during sales. UK consumers said they tend to spend over £120 on days such as Black Friday and Cyber Monday, and surprisingly almost one in five (19%) state they will actually see an increase in their spending on Christmas this year, verses last year. Those expecting an increase revealed they will likely spend an average of £240 more on this Christmas when compared to last year.
Concerns around affording Christmas are perhaps leading more people to take advantage of Black Friday deals than in previous years. Almost four in ten (37%) don’t tend to set savings aside for Christmas, and almost a quarter (23%) said they are going to have to dip into savings that weren’t allocated for Christmas this year. Finding the right balance between spending and saving for future uncertainty is going to be an increasing challenge for people during the festive period.
Pauline van Brakel, Chief Product Officer at Yolt, comments: “Given the incredibly challenging times we are facing this year as a result of the pandemic; it’s perhaps unsurprising to see that people are more likely to wait until popular discount days such as Black Friday to help them to spend smart over the festive period. Savvy spending in the run up to Christmas is always a good idea, and discount days can help ease what is for many a very expensive time of year – having said that, people should try not to overspend and risk getting themselves into debt.”
Pauline continues: “Finding the balance between spending and saving isn’t easy. And whilst it might seem like a difficult time to save right now it is also perhaps more important than ever. We’ve launched an evolved version of the Yolt app to help people save whilst they spend. The app enables people to spend smart by earning them cashback on their purchases at selected retailers and rounding purchases up to the nearest pound. Encouraging users to save is central to the app, not only by spending smartly but also by finding them competitive deals on their household bills and even spotting Christmas bonuses or refunds and prompting users to add them to their virtual savings jar.”
The new Yolt app is available from today, with full access to all UK users on iOS. Android will follow in 2021.
Christmas isn’t cancelled: European shoppers plan to spend more online this Black Friday
- Half (52%) of European consumers plan to do Christmas shopping around holiday sales, including Black Friday, compared to previous years
- 60% say they are planning to do most of their Christmas shopping online
- A third (34%) plan on leaving their Christmas shopping until the last minute in hope of securing bigger discounts
As Black Friday approaches, European consumers are not going to let a turbulent year spoil their Christmas. As shoppers continue to adapt to the changes caused by the COVID-19 pandemic, they are getting even savvier with their spending. New research from Kaspersky has found half (52%) plan to do more Christmas shopping around sales or shopping holidays, including Black Friday, compared to previous years. What’s more, a third (34%) plan on leaving it until the last minute in the hope of securing bigger discounts.
In a bid to enjoy Christmas while also adhering to COVID-19 social distancing measures, European consumers are focusing their attention away from physical stores to find their gifts. In fact, three-in-five (60%) say they are planning to do most of their Christmas shopping online. A fifth (20%) go as far as saying they will make all of their festive purchases online this year, despite not usually doing so.
With online sales set to rise, Kaspersky’s findings also indicate that most consumers are not expected to scale back on their Christmas spending – despite economic recessions across the continent. Only a quarter (26%) of consumers are planning to reduce their Christmas shopping budget this year by at least a third or more due to financial restrictions caused by COVID-19. However, this figure rises to 30% amongst 25 to 34-year-olds, the age group most widely affected by pandemic-related job cuts.
Yet, as the number of consumers bargain hunting online rises, so does the amount of risks being taken to secure big savings. Only 16% are not willing to exchange their personal data for online discounts – despite the potential of falling victim to fraudulent websites and sales scams.
“The festive period is always a big deal, and never more so than this year, as people seek to redress some of the chaos the pandemic has caused throughout 2020. It stands to reason that people are looking to do the majority of their sale shopping online in a bid to stay safe, as well as grab a bargain. But we must also consider that where the crowds go, the criminals follow. Just as pickpockets flock to crowded areas hoping to get lucky, cybercriminals will be looking at consumer shopping trends and trying to exploit people’s eagerness to grab a bargain and save some money. So, my advice would be that people do their research, follow some basic common sense measures when shopping and avoid getting swept up in the tidal wave of hype as we seek to remedy 2020 with a happy festive season. One thing to always bear in mind is that if it seems too good to be true, it probably is,” comments David Emm, Principal Security Researcher at Kaspersky.
Kaspersky warns bargain hunters to remain wary of potential Black Friday and festive season sales scams. If a deal looks too good to be true, it probably is.
Shop online with confidence this Christmas by following our advice on avoiding retail scams:
- Only shop with legitimate online stores. It’s always safer to type in the address yourself, or select it from your bookmarks, rather than clicking on a link. Use your browser address bar to check if the website you are visiting is genuine and secure and that they carry the padlock or HTTPS
- Complete purchases through secure payment methods. Pay with credit cards or robust payment services so that transactions remain protected
- Verify discounts. If you receive a sales discount via email or text, check the sender and any web links are legitimate before you click
- Keep your device software and applications up-to-date and protect all your devices with a reputable internet security product. Cybersecurity solutions with behaviour-based anti-phishing technologies, such as Kaspersky Total Security, can send your notifications if you are trying to visit a phishing web page
- Manage your passwords. Password managers can help you shop with multiple retailers by safely storing your credentials, so they are unique for all of your online accounts
Predictions 2021: The Path To a New Normal Demands Increased Business Resilience and Cost Efficiency
By Jussi Karjalainen at Valtatech A global pandemic, wild bush fires, a stock market crash, a presidential impeachment, and presidential...
Is now a good time to consider art as an investment?
By Anita Choudhrie, Founder of Stellar International Art Foundation Back in April, as Covid-19 began to have a significant impact...
DAC 6 – D Day is imminent – Update of key elements
By Andrew Knight is managing partner of Harneys Luxembourg office and head of its Tax and Tax Regulatory team in...
5 steps for SMEs to budget properly for the coming year
By Fabio Comminot, Head of Dealing, Switzerland at Ebury, one of Europe’s largest Fintechs, has provided a five-step guide to...
Cash in the time of Covid-19: A tale of financial exclusion
By Matt Adam, company’s chief executive, We Are Digital Financial exclusion rates are on the rise thanks to Covid-19. But...
Track and Trace and Other Lost Data
By Ian Smith, General Manager and Finance Director at Invu You, like me, were probably amazed by the now infamous...
Why ID verification is no longer a barrier to global growth in banking
By Barley Laing, UK Managing Director at Melissa Issues related to effective identity (ID) verification have restricted the global growth...
Digital Finance: Unlocking New Capital in Disrupted Markets
By Krishnan Raghunathan, Head of Finance & Accounting Services at WNS, explores how a digitally transformed finance department can give enterprises...
Beyond the bottom line: why brands must show they care to connect with customers
By Vadim Grigoryan, Partner, Lunu Over the past few years, we’ve witnessed an ever-growing activism among consumers, with public opinion...
O-CITY enters Kenya to drive contactless payments across Matatu bus service
Up to 10,000 buses to become cashless with O-CITY’s M-Pesa-based ticketing solution O-CITY, the automated fare collection provider by BPC,...