Financial Services data is at risk from attacks on unprotected endpoints

The past month has seen some organisations asking their employees to return to work while others are encouraging teams to stay at home and continue to work remotely.

When it comes to the financial services industry, however, it would seem that despite being well-prepared to provide a safe working environment, the majority of firms are reluctant to ask their staff back. According to research carried out by Theta Financial Reporting, only 800 of Goldman Sachs’ employees in London have gone back, and less than 2,000 of JP Morgan’s 12,000-strong team are in the office. A report from PWC found that 49% of CFO’s were, in fact, considering making remote work a permanent option.

So, despite the Government urging a return to normality, financial services companies are cautious. Many are still managing the consequences of the swift lockdown, and the risks this presented to both the corporate network and to their employees in terms of cyber-crime.

Lockdown was swift, allowing little time for organisations to provide secure laptops and tablets that would ordinarily be used within the safety of the corporate perimeter. Malicious actors were quick to take advantage, targeting technology vulnerabilities such as endpoints, which are so often the weakest link in the security chain.

Financial services industry data has a particular lure for cyber criminals, who will use a multitude of attack vectors to get to valuable customer information through insufficiently protected endpoints and devices.

Keylogging, in which malware is covertly installed to record keystrokes which can later be used to steal passwords and log-in details, is one method commonly used. But there are many others such as screen capture and screen grabbing, man-in-the-browser, saved account detail harvesting, screen mirroring, man-in-the-middle, DLL injection, and RDP double-hop. Without appropriate levels of security, endpoints are potentially a massive chink in the armour of any organisation.

This is an ongoing challenge for the financial services industry, and if employees are continuing to work from home, it needs addressing urgently. Any unmanaged device that accesses the corporate network remotely must have the same security posture as managed devices that reside within the corporate perimeter. This includes ensuring that SaaS applications are isolated or ‘containerised’ from the rest of the potentially-compromised unmanaged machine or endpoint.

Standard anti-virus is not enough. Instead, financial services organisations need products designed specifically to protect data entry on BYOD and unmanaged devices, into remote access apps like Citrix, VMWare, WVD, web browsers and Microsoft Office applications. Browsers that access the corporate network should be locked down, including URL whitelisting, enforced certificate checking and enforced https.

The consequences of not protecting data can be very severe. Loss of data does not just harm customer relationships and damage brand reputation, it can also result in serious fines.

You can find out more from the full article which was published by Finance Digest. Just click here and learn what steps to take in order to protect your company, and your staff wherever they happen to be working.

Leave a Reply

%d bloggers like this: