With the majority of cybercrime motivated by financial reward1, it is not surprising that the financial services sector remains one of the most attractive targets for attack. In the words of the prolific American bank robber, Willie Sutton2, when asked why he robbed banks,
“That’s where the money is!”
Today, with well over 90% of the world’s money existing only in digital form, the challenge of protecting it is overwhelmingly a matter of data security. But while most of the software and systems employed by financial services providers are relatively well protected from external threats, many are left vulnerable to attacks from insiders (or outsiders with the log-in credentials of an insider). In fact, in a recent survey spanning various industry sectors, Finance workers were found most likely to bypass IT security measures.
Facts & Figures
“The JPMorgan Chase & Co. data breach affected 76 million households and seven million small businesses”
Ponemon Institute Research Report, May 2015
Why financial companies should consider
Privileged Access Management ?
As with all secure software, access to the data and applications that underpin our financial services is controlled through strict authentication, authorisation and accounting systems. In this way, the majority of users are prevented from engaging in malicious activity by the restrictions imposed on their access.
However, for administration purposes, some users need to be granted privileged access. For large organisations, especially those employing third party contractors, and where each privileged user may have access to many different systems, controlling, monitoring, and auditing such access can present an enormous challenge.
“Wallix delivered on all our expectations of a privileged access management solution. We’re now able to view activity in real-time on our critical servers, have much better management of which systems users are able to access and when.”
Lucas Managuelod, CEO of PSSLAI
“Bank security faces many risks. Banks should, of course, protect themselves against external attacks, but the risks of human error or malicious acts by users with extended permissions, such as traders, external service providers, administrators must also be considered.”
Swissquote IT System Manager
Facing the regulatory compliance challenge
In addition to the responsibility to customers and shareholders to secure sensitive data, financial services providers now face an increasing number of government regulations, for which non-compliance can carry significant penalties. For financial services, these include Sarbanes Oxley (SOX), Payment Card Industry Data Security Standard (PCI DSS), as well as various international regulations concerning end-user privacy and data protection.
Meeting the financial industry requirements with Wallix privileged access management solution
At WALLIX, we believe that the value of a software solution lies as much in its ease of deployment, adoption and usage, as with its functional and technological capabilities. WALLIX AdminBastion (WAB) Suite has therefore been designed not only to cover all risks relating to your privileged access, but to do so in the simplest, most intuitive way, ensuring that business challenges are addressed in the shortest possible time and with minimal disruption to existing work-flows.