Skip to main content

banks-thinking-strategically-about-security

Bank Lawyer's Blog has an interesting post about an American Banker editorial (apparently not available online) about the new FFIEC guidelines for stronger authentication for online banking.
In other words, if banks, even small institutions, haven't been thinking "strategically" about enterprise security, they should take this opportunity to do so. As Ms. Sraeel points out, such strategic thinking is necessary "given the pace of technological change and how adept criminals are at keeping pace with innovation."

We've already seen phishers target one-time passcode in Swedish. Clearly the bad guys will go where the money is.
The post quotes the editorial:
It was bound to happen. With the Internet's meteoric rise for commercial use over the past seven years, it's surprising that multi-factor authentication was not mandated sooner. Think of it this way: The more that institutions do to safeguard customer and corporate information, the less likely they are to incur losses (obvious) and other damages such as the lack of proprietary information affecting mergers, stock performance and product launches (becoming more obvious).

Most important, though, the guidance could prompt financial institutions to look beyond what is expected; for larger institutions, this could mean giving customers and partners secure access to more online services. This can only be good for business, and well worth the investment in multi-factor authentication.

So, there are two recommendations here:
  • Don't just meet the guidelines, get secure. Anticipate the attacks and meet them head on.
  • Extend your services based on the increased security. What can you now do that you couldn't before?

Banks that can provide value-added services and/or target high-value customers with the increased security will be the winners.


Current rating: 1

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom