Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Report on IT security technology for retail banking.

Datamonitor : 19 June, 2007  (Technical Article)
Datamonitor report focuses on the increased need for consolidated and consistent identity management as part of the IT security focus in the retail banking industry.
Banks need to invest in consolidating identity management across the enterprise so that end-users can have a single sign-on across all product systems, channels and locations in order to facilitate and simplify identity management. This is one of the key conclusions in a report just published by independent market analyst Datamonitor (DTM.L), "IT Security and the Role of Technology in Retail Banking Security."

"It is critical that banks use strong identity management for both customers and employees to ensure they can monitor and analyze who is accessing which systems and data and when, says Clare Buckmaster, financial services technology analyst with Datamonitor and author of the report. "Banks must control every aspect of identity management from user IDs, passwords and authentication to controlling access levels and monitoring usage."

Multifactor authentication remains an important piece of the security picture for banks, however, regardless of the strength of authentication or any other such security measures, some breaches can occur regardless meaning that banks cannot depend solely on multifactor authentication as a means of preventing fraud.

Identity management enables banks to ensure that the right people have access to the appropriate information - whether its customers accessing their data, or giving staff access to everything they need to perform their jobs.

Identity management is a key element in the battle against fraud, particularly by internal staff, as it provides a basis for analytics to be carried out. It enables data usage by individuals to be audited and monitored to ensure that any "suspicious" activity is explained, and can also be an element of analyzing how employees work together to detect whether internal staff are collaborating as part of their day-to-day jobs or potentially working together to gather data for fraudulent purposes. As staff roles can and do change, banks also need to ensure that permissions are kept up to date so that new access levels are granted swiftly, but also that old ones are removed.

Banking systems have grown in a siloed manner and as a result employees often have different sign-ons for different applications. While this is inconvenient for employees, it also means that applications administrators have to go into individual applications when they want to change permissions and access levels. This is compounded by the fact that banks often also have separate systems for each channel and product line. While this is a headache for administrators and end-users alike it also makes it harder to analyze end-user activity across the bank for business and fraud intelligence purposes.

Banks need to invest in consolidating identity management across the enterprise so that end-users can have a single sign-on across all product systems, channels and locations. By investing in single sign-on technology banks can manage the administration of identity management from a centralized point across the enterprise. This eases the ID burden on staff, as well as making identity management simpler for administrators, thus enabling them to keep up to date with all changes.

On the customer identity management side, banks must ensure that customers have access to the appropriate information, that they are behaving in the manner expected of them regardless of the channel they are using and their activity is monitored across all the channels that they have access to.

Standardisation, automation and analytics will be the key to strong bank-wide security.

"While banks need to have strong security solutions in place to manage individual elements of their operations, it is critical that they combine them with a cohesive security infrastructure that enables them to have a clear view of the threats they are exposed to at any given point in time across the entire enterprise," concludes Buckmaster.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo