By Nicko van Someren, Chief Technology Officer, Good Technology
Over the past year, the threat of cyber attacks to the financial services industry has continued to grow. Attacks havebeen growing in both frequency and severity with the Information Commissioner’s 2014/15 annual report showing a 11 per cent increase in concerns reported.
This rise in the severity and number of attacks comes at a time when companies and employees are seeking to become more flexible with how and where they work. With a desire to increase productivity and reduce costs, companies frequently seek to improve workforce mobility by encouragingemployees towork remotely on mobile devices (whether companyor employeeprovided) and utilise cloud services. However, despite the great benefits that can accrue from encouraging these practices, mixing personal and corporate data can present a number of security risks.
As a result of recent security breaches at government agencies, insurance companies and even Hollywood studios, governments and regulators have taken action in an attempt to force regulated industries such as financial services to improve their processes. The proposed EU Cybersecurity directive on Network and information Security will require FS companies to have appropriate measures in place to manage their own risk. Under the proposal, regulators would then also have the authority to access bank security systems to check compliance.
These new rules are of increased importance to businesses with strict compliance requirements, as they face fines on top of the commercial and reputational damage a security breach could incur. This was demonstrated in Price Waterhouse Cooper’s 2015 US CEO survey,with results suggesting that most CEOs’ primary concern when it came to cyber attacks was the impact on their bottom line. In the UK last year, three banks were fined a total of £56 million for preventable computer failures, an indication of the importance of planning ahead when it comes to technology, especially in an industry with ever increasing regulation.
As a result of these increases in cyber attacks, workforce mobility and regulation, it is increasingly important to get the balance right between enabling users to work more effectively whilst protecting confidential information with encrypted security systems.This is why containerisation – securing sensitive commercial information on mobile devices in one application whilst not affecting other data on the same device – is rapidly emerging as the preferred way forward across many industries, including military and defence themselves.
The key to a successful container solution is to secure sensitive corporate data while not locking it down in a way that makes it too difficult for the end user to be productive on a mobile device. That can cause employees to seek other ways to communicate and collaborate while mobile, putting enterprise data at greater risk. However, if the container can allow one-time authentication that allows access to the full complement of enterprise productivity apps, that can actually enable a more seamless workflow that keeps data safe while at rest, in use and during transit between apps.
Secure container solutions are proving that security and usability don’t have to be a zero-sum game. As a proof point, all of the commercial banks in the FORTUNE® 100 have turned to Good Technology container solutions to securely enable their mobility initiatives. By allowing user flexibility to work remotely and saving costs through BYOD whilst protecting data from cyber attacks and complying with regulation, military grade security should be an attractive option for financial services firms.
Dr. Nicko van Someren is Chief Technology Officer at Good Technology. He is a fellow of both the Royal Academy of Engineering and the British Computer Society.