Connect with us

Technology

SIGNATURES – THE WEAK LINK IN THE CHAIN

Published

on

Ronan Lavelle ARX

By Ronan Lavelle, ARX

Across the financial services sector – retail banking, investment banking, insurance, accounting and so on – the adoption of enterprise content management systems for handling electronic documents and records-keeping has been widespread.  Yet when a signature is needed – for example, by a customer for ‘Know Your Customer’ compliance, or internally for Sarbanes Oxley adherence – this automated approach typically breaks down, due to the simple fact that a document has to be printed out in order to be manually signed.  Recent research underlines this: according to YouGov, 80 per cent of businesses print out documents to be signed and the financial services sector is one of the worst culprits, with that figure rising to 94 per cent.

Ronan Lavelle ARX

Ronan Lavelle ARX

Does it matter?  These issues should matter a lot to any organisation that cares about issues such as: creating seamless, automated end-to-end processes, ensuring the future traceability of signatures and reinforcing efforts to ‘go paperless’.  There’s also the equally important issue of efficiency: research by AIIM, the global association for information industry professionals found that organisations typically add one day to processes just to collect signatures.  YouGov’s research also found that 72 per cent of organisations experience delays due to the need to collect signatures.

The bottom-line is that for any financial services organisation that has invested heavily in workflow, BPM and document management systems, ‘wet ink’ signatures are the weak link in the chain.

So what’s the answer?  It’s possible to sign documents using electronic signatures (typically bit-map images) and these are sufficient in specific circumstances, but such signatures are not inherently secure or fraud-proof. This means that they are often not appropriate for the financial services industry, particularly considering the legislation and regulations with which such organisations must comply.

Introducing Digital Signatures
In recent years, another option has evolved: digital signatures. Their use is becoming more widespread to the point where industry experts including Forrester and Gartner predict that they will be a growth area in business technology. A fact that many people do not realise is that a wide variety of industry-specific regulations and country-specific legislation support digital signatures (a ‘wet ink’ signature is rarely the only option from the legal point of view).

In fact, it’s arguable that digital signatures are less prone to fraud and are inherently more secure than manual signatures using pen and paper.  Using authentication and PKI technology, the signature’s integrity remains intact regardless of where the document is sent or stored. Documents need never leave the organisation, remaining securely behind the firewall:  the only information that travels is a hash-code, which is created using encryption technology and is the only part that travels over the Internet.  In the event of this hash code being hacked, the information it contains is not usable by anyone other than the signature’s owner.

In the financial services market, example benefits include: the ability to demonstrate that financial trades have not been altered and to be able to ‘batch sign’ trades, which over the course of a year, could save a substantial amount of time.

Simon Reynolds is the Financial Services Business Development Director for Hewlett Packard.  He believes that digitisation of signatures is critical in the optimisation of paper based process.  “Financial services firms are facing challenging times with the growing demands of customers, new regulatory requirements, and strong industry competitors. The need for technology and automation in order to streamline processes is stronger than ever.  HP work with our financial services customers to optimize their flow of documents and information to help them reduce costs, improve efficiency, and deliver highly competitive, customer-centric services that help them retain and expand their customer base.

The signing process is the key to the execution of a legally binding agreement and is therefore central to the overall document or business process cycle.  Therefore, anything we can do to replace the traditional “wet” signature with a more efficient, more secure digital signature is vital to our efforts to replace paper-based processes with electronic ones and securely automating as many previously manual steps and procedures as possible”.

Signatures are used all over financial services organisations, including HR, finance, IT, sales and legal among other departments to eliminate the need to ‘break out’ of an automated process in order to print a document, sign it and then scan it back in (a process which obviously leaves a lot of room for error). In addition, they help companies establish a comprehensive repository of legally-binding signatures for future auditor and regulator inspections.

In fact, wherever workflow, BPM, CMS, records management, eDiscovery and document management systems have been implemented, digital signatures can improve their return-on-investment (ROI) by ensuring that processes remain seamless and automated from end to end.  AIIM’s research into the digital signatures market found that 81 per cent of survey respondents saw a 100 per cent pay-back within one 12-month budget cycle, with 25 per cent of those seeing a full ROI in just three months.

Implementing Digital Signatures
Having demonstrated the business case for digital signatures, what should buyers in the financial services market be looking for?

  1. Does the document become tamper-proof following the signing process (the signature is invalidated if anyone changes the document)?
  2. Does it support the systems and applications already being used in the organisation such as Microsoft Office, SharePoint, Oracle, OpenText, Alfresco, etc.?
  3. Are the signers’ graphical signatures easily viewable so that readers can see at an instant if the document has been signed or not?
  4. Can multiple signatures be added to the document and at different points in time?
  5. How simple is the installation process, how much maintenance and training is required, and does the system support both server- & cloud-based implementations?
  6. What about the user directory – does it integrate into the ones that are already in use in the organization (such as Microsoft Active Directory)?
  7. What legislation and regulations does the system comply with – both industry and country-specific?
  8. Can signatures be viewed and verified by any third party (in other words, recipients do not require access to the digital signature solution itself in order to validate)?
  9. How easy is the system to use, especially for people who are not confident about using technology?  Can it be easily accessed on mobile devices such as tablets and smartphones?

What does implementation, total-cost-of-ownership and on-going overhead involve in terms of costs?  What is the likely return-on-investment timescale?

Regardless of any one specific solution, one thing is clear: digital signatures have a lot to offer financial services organisations, enhancing the efficiency and security of business processes and ensuring compliance with industry regulations and legislation, while reducing the paper mountain at the same time.

For further information, please download this free white paper: http://www.arx.com/resources/white-papers/10-Tips-for-Selecting-the-Best-digital-signature-solution.htm

About the Author
UK Country Manager is Ronan Lavelle, who brings 18 years’ experience in information, document, content, contract and workflow management technologies.  ARX is the provider of CoSign, the most widely-used digital signature solution in the world with millions of signers at security-minded businesses, governments and cloud services. CoSign was recognized by Forrester Research as the ‘Strongest Digital Signature Solution’ in the Forrester Wave: E-Signatures, Q2 2013 report.

Technology

Endpoint Security Industry: An Overview

Published

on

Endpoint Security Industry: An Overview 1

Endpoint protection is the practice of stopping unauthorised actors and campaigns from targeting endpoints or access points of end-user computers like desktops, notebooks, and handheld devices. Endpoint security solutions guard against cybersecurity risks to these access points on a network.

From standard antivirus applications, endpoint security has developed to offer robust protection from advanced ransomware and emerging zero-day attacks. Nation-states, organised crime, hacktivists and deliberate and unintentional insider attacks are at risk of organisations of all sizes. Endpoint defence is also seen as the forefront in cybersecurity, which is one of the first locations businesses look to protect their business networks. Digital Audio Workstations [DAWs] Market

Modern EPPs harness the cloud’s ability to manage an ever-growing hazard intelligence database, release bloat endpoints correlated with locally storing all this intelligence, and the maintenance needed to keep these databases up-to-date. It also provides superior speed as well as scalability to access this data in the cloud. The EPP includes a single console for system administrators that is mounted on a network gateway or server that enables cybersecurity experts to centrally monitor the protection of each computer.

An Evolution in Endpoint Security

Over the years, the defence of endpoints has progressed from primitive antiviruses to more sophisticated next-generation antiviruses using advanced technologies, new and improved identification and the response of endpoints, and the OS-Centric Optimistic Security strategy. In a constant basis, it shifts. Network vulnerabilities from yesterday are today’s strengths.

Tomorrow’s vectors of attack will inevitably be defended. And then, it’s off. Yet there has been a step-change in the cybersecurity world. The global pandemic got humanity to fewer than 12 parsecs in the Future of Jobs. In two weeks, strategy plans that were set out to be applied in two years were followed. Attacks grew as the perimeter of the network extended indefinitely. And the CISO obeyed and kept the company secure. To focus on endpoint defence, the cybersecurity world aligns.

Key Components of Endpoint Security

Endpoint encryption and application control, two main components of an efficient endpoint protection solution, are important endpoint security layers that prevent problems such as data leaks from occurring deliberately or accidentally by copying or moving data to removable media devices. Endpoint encryption completely encrypts endpoint data, like notebooks, cell devices, and other endpoints, as well as directories, archives, and portable storage devices, such as CDs and USB drives, for your business.

Application monitoring, a key component of robust endpoint protection initiatives, avoids the operation of unauthorised software on endpoints. Regulation of software addresses the problem of workers installing unauthorised or unsafe software on mobile devices that may build network bugs and result in unauthorised entry.

Endpoint security is handled in the business environment by a central management server that tracks and handles all endpoint connexions to the network. However, security solutions such as antivirus software are monitored and managed at individual endpoints in the consumer environment, without the need for central administration.

The Risks of Endpoint Threats

Security is rapidly changing in today’s mobile world, and endpoints now form a new perimeter, and companies need to secure their data across networks. As companies expand, so do their vulnerabilities, and all businesses must secure endpoints regardless of size or stature. However, there is no apparent, easily guarded line that can hold all the data in and attackers out of the system with the growth in telecommuting, more workers requested or compelled to operate from home, the Internet of Things (IoT), and cloud services.

Endpoint threats help to know what kind of susceptibilities exist to gain an improved understanding of what is required from endpoint protection. A few kinds of attacks that are or are becoming more common are listed below. It is necessary to bear in mind, however, that many more forms of attacks exist and attackers every day learn new methods. Legal ramifications: Infringement of data and loss of personal or confidential information is a serious problem that can lead to considerable legal harm. Reputational damage: Businesses suffering data breaches and cyber-attacks are at risk of adverse public opinion, leading to reduced brand and reputational damage.

A Glance at Importance of Endpoint Security in Today’s World

Endpoint security strategies play a significant role in defending against today’s increasingly advanced cyber threats. Today’s cyber-attacks need a new line of security protection. For a variety of factors, an endpoint defence framework is a critical part of enterprise cybersecurity. First of all, data is often the most important asset a company has in today’s business environment and losing that data or access to that data could put the whole business at risk of insolvency.

Businesses have now had to deal with not only a rising number of endpoints but also an increase in the number of endpoint forms. These variables make it more difficult for enterprise endpoint protection on their own, but they are exacerbated by remote work and BYOD policies that make perimeter security increasingly inadequate and generate vulnerabilities.

The threat landscape is also becoming more complex: hackers are constantly seeking new ways to gain access, steal data or trick employees into distributing confidential data. The endpoint security platforms have become a must-have in terms of protecting modern companies because of the cost of a large-scale breach, cost of transferring resources from business objectives to tackling threats and the actual financial cost of enforcement breaches.

An entry point for threats is given by any computer, such as a tablet, smartphone or laptop. Endpoint security seeks to properly protect any endpoint connecting to a network at these points of entry to block access attempts and other risky activities. The corporate network security perimeter has effectively collapsed as more companies accept activities including BYOD (Bring Your Device) and remote/mobile workers.

The need for effective endpoint protection measures, especially because of the increase in mobile threats, has increased substantially. A centralised security solution is no longer sufficient for today’s ever-shifting and undefinable security limit, with workers relying on mobile devices and laptops to work and connect to business networks. Endpoint security offers a further shield to centralized security controls at the point of entry for some attacks and the point of exit for sensitive information.

Differentiating Endpoint Security from Anti-Virus Software

What separates endpoint protection from popular anti-virus applications is that endpoints are responsible for or more of their protection in the endpoint security framework. This goes against network security, where security measures protect the network as a whole instead of certain computers and servers. Endpoint defence, however, is not carried out exclusively on smartphones.

Common endpoint defence techniques with security tools on a central server or control board and tools on individual devices provide a two-pronged approach. Still, by some definitions, certain simpler types of protection fall under the safety umbrella of the endpoint. That said, modern concepts of endpoint protection typically define more sophisticated methodologies, including intrusion detection and behaviour-blocking elements that either end-users or intruders recognise and block threatening activities and behaviours.

Common Trends in Endpoint Security

Endpoint security trends forecast the future of endpoint threat management and the solution features that we will see in the future in the industry. As trends for the year 2018, several developments have been facing, including machine learning and AI, SaaS-based endpoint defence, layered protection against file-less attacks, putting IoT devices under the protective umbrella, etc.

Today’s methods can achieve better remediation, which ensures that operations such as deleting data, terminating procedures, and rolling back photos of the system can spare IT, employees, the tedium of manually reimaging violated systems.

Endpoint Security Software Features to Look for in 2020

There were 4.1 billion accounts of data threats in the first half of 2019 alone. Therefore, employing an endpoint security framework has become essential for every enterprise. Some of the top endpoint security software features to look for: Securing devices, especially USB ports, generating reports, Device-based and user-based security policies, Application Control, Remote patch installation to quickly fix critical vulnerabilities, Strong secure communication encryption algorithm, Receiving configuration security/status alerts, Browser management

In 2020, companies must secure more ends than ever with the global pandemic COVID-19 requiring more workers to operate remotely. Attackers know that human beings, who now often operate beyond the regulated environment created by office computers and networks, are the weakest link to security. Forced outside of the formal system, individuals are more vulnerable to weaknesses and generate openings for attack.

The Future of Endpoint Security

In 2020 and the near future, enhancing endpoint protection needs to be a top priority. The borderless and non-discriminatory existence of cyber-attacks means that sharing their experiences and working together to defend themselves and the general population is essential for the cybersecurity industry. Endpoint security has grown from modest beginnings of protecting standard PCs to protect complex networks in large enterprises, protecting varied environments like business-issued hardware, programmes for bring-your-own-device (BYOD) and more.

For corporations and private clients, cybersecurity used to be all about protecting the endpoint. Since then, rapid technological growth has forced security firms, such as Bitdefender, to develop new techniques and business strategies that could meet the needs of ever-larger organisations. 86% of all infringements are financially motivated, where risk actors are after financial data, intellectual property, health records, and consumer identities of companies that can be easily sold on the Dark Web.

Cybersecurity has repeatedly become one of the leading anxieties for companies around the world in recent years, and this pattern will worsen in 2020. We expect to see an increase in new specifications as businesses increasingly recover from the current pandemic. The evolution of large-scale breaches symbolises a growing trend in the number and gravity of security breaches. Data breaches frequently disclose confidential information that also puts consumers at risk of identity fraud, damages the reputations of firms, and puts businesses responsible for violations of compliance. Cyber Observer, a comprehensive solution for cybersecurity management and understanding, estimates that by 2021, cybercrime harm is expected to exceed $6 trillion annually.

Conclusion

Security is constantly evolving and there is a possibility that the future might hold much more than what we have seen. We cannot, however, ignore the changes that have been seen from the past several years to where we have gotten to today.

Who We Are

Adroit Market Research is a global business analytics and consulting company. Our target audience is a wide range of corporations, manufacturing companies, product/technology development institutions and industry associations that require understanding of a market’s size, key trends, participants and future outlook of an industry. We intend to become our clients’ knowledge partner and provide them with valuable market insights to help create opportunities that increase their revenues. We follow a code– Explore, Learn and Transform. At our core, we are curious people who love to identify and understand industry patterns, create an insightful study around our findings and churn out money-making roadmaps.

Continue Reading

Technology

Technology: the saving grace of the month-end headache in financial reporting

Published

on

Technology: the saving grace of the month-end headache in financial reporting 2

By Tiffany Newkirk, Financial Solutions Manager at SplashBI 

The end of the month is a challenging time for many accountants and financial analysts as they race to close their books and complete their reporting on time. Whether they are using Oracle Cloud or on premise solutions, the final hurdle has its highs and lows. With accounts to reconcile and financial statements to analyse, accountants and financial analysts are left with little time before the crucial deadlines are in front of them. As a result, time needs to be maximised so that they have all the answers at their fingertips when presenting to the business, board members and executives. These are the aspects of the role that financial analysts adore – and manual intervention shouldn’t be the blocking stone of success.

Preparation for month-end reporting involves financial analysts spending long periods of time focused on analysing spreadsheet after spreadsheet. Tiffany Newkirk, Financial Solutions Manager at SplashBI, explains that month-end reporting shouldn’t be as problematic and frustrating as it is. To move forward, financial analysts need to incorporate technology to provide a visual representation of the data so their role becomes as efficient and sustainable as possible.

A new beginning

Overtime and stress are two common issues that accountants and financial analysts experience when completing month-end close reporting. As many as one in four financial analysts describe the pressure of financial reporting being overwhelming, resulting in employees leaving the job they love; a situation that no senior management team wants to occur.

According to a recent survey, as many as 73% of accountants and financial analysts are still operating in a manually intensive, spreadsheet-driven system that limits or removes any time for analysis. In the same survey, 84% said they would prefer the financial close process to take up less time, that could in turn be devoted to more strategic financial projects. From a health and wellbeing perspective, the drive to utilise technology will help improve the efficiency and accuracy, especially at this turbulent time, and allow more time to be spent exploring the results and having the answers readily available for senior-level discussions.

A long-awaited transition

Companies of all shapes and sizes have long sought ways to streamline their processes so that accountants can spend less time collecting numbers and more time analysing the impact and results with senior stakeholders. Finding the right equilibrium between speed, accuracy and employees’ needs is key, and financial experts need to embrace technology and its visual qualities in order to achieve this.

While spreadsheets are a useful tool, they can be prone to errors, especially if formulas are entered incorrectly. Management teams want to understand the implications of the data in front of them, and with the aid of financial experts, bring the data to life in a much more visual and empowering way, ready to spot the next business opportunity. Working solely in a spreadsheet rarely allows this to happen.

Instead, technology can help drive smarter decisions, by making the data come to life and presented in a variety of visual formats. By combining the numerous, disparate systems required to achieve a successful month end close, financial analysts and CMOs can view real time data at a click of a button to make informed decisions in the future.

Conclusion

In an increasingly digitised world, real time financial reporting and accurate forecasting are more vital than ever to achieve a sustainable and efficient business model. Given the circumstances faced throughout 2020, effective financial management provides businesses with a competitive advantage and greater insights to drive profitability and efficiency.

Letting go of tired and archaic practices will drive financial roles forward and open the door for a myriad of opportunities when accountants and financial analysts expand their reliance on technology and move away from traditional methods. Moving forward, organisations that don’t incorporate technology into their month end reporting will be left behind, and not reap the rewards. It’s time for the face of financial reporting and analytics to change to become a seamless, stress-free and data-driven process.

Continue Reading

Technology

Entersekt provides clarity on Secure Remote Commerce authentication techniques for financial institutions

Published

on


Entersekt provides clarity on Secure Remote Commerce authentication techniques for financial institutions 3

New whitepaper from Mercator available: Revisiting Authentication in the Age of SRC and EMV 3-D Secure

Is it time for a new authentication strategy in light of international mandates for Secure Remote Commerce (SRC) and EMV 3-D Secure? This is the question posed to financial institutions (FIs) in a new Mercator Advisory Group whitepaper entitled Revisiting Authentication in the Age of SRC and EMV 3-D Secure.

The paper, licensed by Entersekt for public distribution, delves into the role SRC and EMV 3-D Secure will play in the European Union’s Strong Customer Authentication (SCA) requirements under the revised Payment Services Directive (PSD2). It finds that now would be the ideal time for FIs to rethink customer authentication strategies, particularly with the deadline for full SCA compliance approaching on the 1st of January 2021.

“Consumers face an increasingly complex authentication landscape, which can vary greatly depending on the communication channels they use,” said Frans Labuschagne, UK&I country manager at Entersekt. “Multiple authentication techniques create unwanted friction and uncertainty. This paper gives actionable advice to FIs that need to keep security top of mind while also providing a good user experience.”

All card issuers competing for top of wallet will find useful insights in this whitepaper, which states that, “Since it is well recognised that convenience is critical to consumer adoption, it is time for financial institutions to rein in the multiplicity of authentication methods they use to identify account holders and even employees.”

Some of the key findings include:

  • The lack of an integrated solution results in an inconsistent user interface.
  • Inconsistency not only detracts from a customer’s experience but is likely to disrupt any cross-channel implementation plans an organisation might have.
  • A customer who is presented with the same authentication technique for every interaction becomes more familiar with that technique.
  • The authentication technique should be implemented on a smartphone, which 89% of UK residents between 16 and 75 already have.
  • Consumers increasingly trust smartphone-based biometrics and are growing accustomed to using smart speakers for a range of use cases.

 

To download the whitepaper in full, please visit: https://www.entersekt.com/resources/white-papers/revisiting-authentication-src-3ds

 

This is a Sponsored Feature

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

The UK’s National Data Strategy – Too Much Love? 4 The UK’s National Data Strategy – Too Much Love? 5
Top Stories17 hours ago

The UK’s National Data Strategy – Too Much Love?

By Julian Hayes, Partner at BCL Solicitors LLP “We want the UK….to be the best place in the world to...

B2B plays a big role in our economy, but how can it contribute to our recovery? 6 B2B plays a big role in our economy, but how can it contribute to our recovery? 7
Business17 hours ago

B2B plays a big role in our economy, but how can it contribute to our recovery?

By Richard Parsons from True, creative B2B marketing agency, discusses the current state of marketing and looks ahead to what...

UK leads the way in sustainable finance with the first set of requirements for investment management 8 UK leads the way in sustainable finance with the first set of requirements for investment management 9
Investing18 hours ago

UK leads the way in sustainable finance with the first set of requirements for investment management

BSI, in its role as the UK National Standards Body, has today published the first specification for responsible and sustainable...

Why investing should be treated like healthcare 10 Why investing should be treated like healthcare 11
Investing22 hours ago

Why investing should be treated like healthcare

By Qiaojia Li, co-founder and CEO at the award winning wealthtech company, Rosecut For many people, the process of investing...

Endpoint Security Industry: An Overview 12 Endpoint Security Industry: An Overview 13
Technology23 hours ago

Endpoint Security Industry: An Overview

Endpoint protection is the practice of stopping unauthorised actors and campaigns from targeting endpoints or access points of end-user computers...

Tech-enabled cash management strategies have come to the fore during the Covid-19 pandemic – and will be key to firms’ recovery from it 14 Tech-enabled cash management strategies have come to the fore during the Covid-19 pandemic – and will be key to firms’ recovery from it 15
Finance24 hours ago

Tech-enabled cash management strategies have come to the fore during the Covid-19 pandemic – and will be key to firms’ recovery from it

By Ed Thurman, managing director and head of Global Transaction Banking at Lloyds Bank Commercial Banking, outlines how technology-enabled solutions are...

5 ways to keep your team connected with split working 16 5 ways to keep your team connected with split working 17
Business24 hours ago

5 ways to keep your team connected with split working

By Sam Hill, Head of People and Culture at BizSpace  As the government switches its message back to “work from...

How to overcome the ‘groundhog day’ effect Of remote working 18 How to overcome the ‘groundhog day’ effect Of remote working 19
Top Stories1 day ago

How to overcome the ‘groundhog day’ effect Of remote working

By Chris Farmer, leadership and management training expert and founder of Corporate Coach Group The ongoing pandemic means that for...

FinTech in Credit Markets: Efficiency and Potential Risks - Free webinar 20 FinTech in Credit Markets: Efficiency and Potential Risks - Free webinar 21
Uncategorized2 days ago

FinTech in Credit Markets: Efficiency and Potential Risks – Free webinar

As the financial industry’s landscape continually changes, the ever-quickening development in information technology has led to an unprecedented wave of...

The new virtual leaders – adapting your leadership style for a changed workforce 22 The new virtual leaders – adapting your leadership style for a changed workforce 23
Business2 days ago

The new virtual leaders – adapting your leadership style for a changed workforce

By Debbie Clifford, Head of People and Talent at Olive During this pandemic, organisations across all sectors have witnessed a dramatic...

Newsletters with Secrets & Analysis. Subscribe Now