Tool sprawl in BFSI: Why banks have too many security tools but still have gaps

By Harishankar Kannan, CEO, Scalefusion

Most of us grew up in an era when even the simplest banking tasks, such as transferring or withdrawing money, seemed daunting. And if the requirement was a demand draft or getting KYC done, one had to set aside a few hours of the day to visit the branch. While the situation improved a great deal with the advent and accelerated adoption of ATMs over the 1990s and early 2000s, banking has evolved drastically since then. Today, it takes a matter of seconds to transfer money or view an account statement. Even on a packed office day, one can complete e-KYC and request a chequebook with a few taps on a smartphone.

Instead of waiting for customers to step inside the branch, a bank’s relationship manager can visit them and approve even high-value loan requests from anywhere. The approval can then easily be processed using a tablet connected to the bank’s secure network. Thanks to the modern structure and digital infrastructure of BFSI institutions, bank representatives can now serve their account holders from anywhere, agents can process insurance policies without rushing to the branch each time, and customers can avail of most services through an app alone.

While this advancement and widespread adoption of technology truly empowers the BFSI ecosystem, it also brings several risks and security concerns, compelling banks and financial institutions to work in the most regulated and high-risk digital environment. With new threats that are imminent and intermittent, regulatory frameworks, expanding digital services and the needs of hybrid operations all in the fray, security controls have been enhanced significantly too, resulting in a sort of tool sprawl.

Financial institutions essentially bank on a number of overlapping solutions embedded across different security layers. For instance, there are Unified Endpoint Management (UEM) and Mobile Device Management (MDM) systems for effective endpoint management, and those endpoints are in turn safeguarded by antivirus and EDR tools. To ensure adequate security and ease of function, the institutions further integrate identity and access management solutions, security monitoring platforms like SIEM/SOC, remote access technologies such as VPN, NAC and ZTNA, patch and vulnerability management systems, and compliance/audit monitoring tools. A major cause for concern here is that all of these tools are usually sourced from different vendors.

Though each of these tools serves a specific purpose critical to overall operations, the lack of a unified system makes the work cumbersome for security teams, who are compelled to keep tabs on multiple dashboards, alerts and integrations across different third-party platforms. This hinders the implementation of consistent security policies, adds to the operational cost and slows down response time. There is also a possibility of real threats going unnoticed if events from different security signals are not understood and correlated in real time.

This largely explains why banks and financial institutions continue to have gaps despite multiple security tools. Even after investing heavily in security technologies, some of the most common gaps BFSI institutions experience include inconsistent access controls, delayed threat detection and unmanaged endpoints. It thus becomes imperative for BFSI organisations to reconsider their existing security mechanisms and move to modern solutions that rely on a more unified framework.

The solution, therefore, lies in adopting a consolidated platform that integrates the diverse set of security needs, such as device management, compliance monitoring and identity-driven access. The idea is to protect sensitive financial data with enterprise-grade security and uniform policy enforcement across devices, save time and cut costs by automating device management tasks, stay compliant and audit-ready, and aid the productivity of the workforce.

The MDM deployed must ensure that the entire device fleet (branch systems, executive devices, customer service tablets, self-service kiosks and so on) is completely secure and engineered for smooth, hassle-free operations. Making this a reality in BFSI operations today are critical features such as factory reset protection, which prevents unauthorised resets and keeps data secure; geofencing and location tracking for real-time monitoring of devices and alerts; shared devices with customised profiles; and detailed reports and analytics on device performance and user trends for data-driven decisions.

Gone are the days when banking and financial institutions could secure their operations without integrating their firewalls, cloud monitoring systems and endpoint protection mechanisms into a unified system. There is little to no scope for frontline, credit and investment teams to keep running their own security protocols, since inconsistent protocols and fragmented visibility may often lead to heightened cyber security risks. Banks and financial institutions need to part ways with outdated technology, as legacy systems that don’t support modern protocols are usually the most prone to cyberattacks.

The efficacy of a BFSI organisation’s security is not really determined by the number of tools deployed; rather, it is proportional to the integration of security signals across access points, devices and identities. For institutions looking to close existing gaps, a priority is reducing operational complexity while ensuring strong compliance controls.
