Few industry sectors are so heavily regulated as the financial services sector. Data handling, storage and sharing are particularly sensitive given the high value of the records being managed. Pressure on financial organizations is increased due to the publicity that data breaches attract and that in turn result in damaged brand reputation, loss of trust and the threat of financial penalties. The cost of resolving a data breach can be significant so prevention is better than cure.
Clearly defined policies have been implemented globally to ensure financial organizations handle data securely. Federally mandated codes of conduct such as The Sarbanes-Oxley Act, Gramm-Leach-Bliley Act and State level security breach notification laws exist to ensure certain standards are applied to the management of sensitive data. Many regulatory bodies such as the Information Commissioners Office in the UK have the power to investigate potential failures to comply with regulation and to levy financial penalties on organizations that have failed to comply.
The diverse nature of the financial services sector demands a broad set of security policies to ensure data is handled effectively. From online banking records for consumers through to high value investment transactions, every time financial data is used in a live environment it is at risk from theft and misuse.
The financial sector also faces one of the largest security concerns of all, ensuring maximum security while allowing for maximum collaboration with external parties.
IT Security issues in legal and financial services
Enabling consumer access to online banking services
Ensuring trust between third parties that wish to access confidential data
Data loss through malicious intent or negligence
Providing the most secure services to business and consumer customers without high costs
Providing policy based access and control
Meeting compliance standards for data handling
Providing comprehensive reports to support compliance claims
HOTPin is a powerful tokenless two factor authentication solution that is used to deliver a One Time Password (OTP) via a soft token installed on a smart device, USB key or PC, or via SMS in a fully clientless mode. HOTPin can be provided as a managed service that can be re-branded, allowing financial organizations to offer their own branded authentication solution to customers at a very competitive price.
Authenticate users to restricted and confidential files, applications and resources
Prevent identity theft and subsequent data breaches
Report on authentication attempts and provide evidence to support compliance
Integrate with any RADIUS based access technology
Enforce brand image with branded soft token and
Increase customer loyalty through easy to use highly secure authentication
WSA appliance range runs Unified Access Gateway 2010 (UAG) to provide secure portal based application access to users based on profile and the level of trust of the endpoint device. WSA appliances are trusted by financial services organizations because of the granularity they provide in terms of access policies based on endpoint trust and also on the level of application based control they provide.
Provide access only to the applications relevant for the users role/profile
Restrict access to applications that are not applicable to the users profile
Provide granular application access policies that protect data within applications
Present customised user experience
Collaborate with third parties while remaining in control of data and applications
Integrate with HOTPin tokenless two factor authentication for a simple to manage, tightly integrated access and authentication solution
MSA appliance range runs Threat Management Gateway 2010 (TMG) to provide multi-function application firewalling and proxy services
Provide defence in depth firewalling for the most sensitive of network zones
Deliver web content quickly and ensure availability
Protect corporate IT users from internet borne threats