Achieving COVID-Ready Mobile Security
for Financial Services Workers
There’s an ongoing mobile productivity revolution in the financial services industry (FSI), and recent events have only accelerated its progress.
To be sure, Hong Kong’s FSI has always been on the cutting edge. The territory’s financial technology (fintech) startups drive the world’s fifth fastest-growing startup ecosystem, with almost 14% made up of fintech firms.[i] These companies serve an intensely connected local market in Hong Kong that boasts some 13.52 million mobile subscriptions, far outnumbering the 7.46 million-strong population.[ii]
The recent COVID-19 pandemic has only increased uptake of digital financial services. As more bank branches are closing or limiting operations, customers are increasingly resorting to banks’ digital services to manage their banking needs from the comfort of their homes. FSI management has also had to contend with the effects of the coronavirus, by allowing more employees to work from home.
Increased post-COVID uptake has also had the effect of accelerating potential threats to confidential and critical data. A recent BitGlass study found that 62% of all exposed data in 2019 originated from the financial services industry, despite accounting for only 6.5% of that year’s data breaches.[iii]
The challenge is clear for IT administrators and employers. FSI companies must create the necessary mobile working infrastructure to cope with increased uptake from quarantined users—in a way that doesn’t compromise the company’s data.
Mobile work comes with its own unique weaknesses. The vulnerabilities inherent in working far from a secured office must be addressed by any administrator.
With cloud adoption rising across the board, mobile employees are increasingly likely to use powerful but lightly-secured cloud-hosted applications to do their work. Even if work-from-home users have adequately secured their cloud apps, they may still be compromised by human error, such as carelessly-clicked phishing emails. (Kaspersky reports that nine in ten data breaches are caused by the human factor.)[iv]
Design an infrastructure to secure the mobile work environment. Businesses should install the right security technology to give employees the ability to work both remotely and safely.
A security consultant can help you build and maintain a security infrastructure that may include any or all of the following:
- A virtual private network (VPN) that employees can log into for all work purposes. On a VPN, all web traffic will be routed through encrypted servers—keeping confidential data safe from hackers
- A data loss prevention (DLP) solution on both the gateways and the endpoint, to ensure that sensitive data isn’t lost, misused, or accessed by the wrong users. DLPs use a suite of protective features to prevent the unauthorised sharing of confidential data that can compromise the company
- Endpoint security solutions that protect the network when authorised remote devices (endpoints) gain access. Endpoint security can authenticate logins and deploy tools like antivirus and anti-spyware; administrators can deploy device updates or wipe the device clean if it’s lost or stolen
- Mobile device management solutions that can support, maintain or even wipe mobile devices remotely, allowing IT administrators to enforce policies and maintain control of devices across a range of platforms
Create policies to govern the use of the mobile data environment. Administrators need to strike a fine balance: lax administration will endanger the company, while overly strict enforcement can alienate users or suffer from bad compliance.
- Password security: Will you require a regular change in passwords? Will you require different passwords per login?
- Training: Will you implement security training programmes? Can you incentivise good security behavior, using rewards and public recognition?
- BYOD: Will you implement a “bring your own device” (BYOD) policy that allows employees to use their personal devices for work purposes? Can you balance the potential increase in productivity versus the increased security threats from unsecured devices that can threaten your system’s overall stability?
The sharp, pandemic-driven uptick of work-from-home users represent both a promising opportunity and a looming threat for FSIs. In the highly-secure world of finance, trusted allies like Fuji Xerox (Hong Kong), as your Business Innovation Partner, you can get to the heart of FSIs’ specific issues and formulate the right solutions to get the job done.
Securing workers’ mobile workers’ network and devices has become an increasingly urgent task in these trying times: luckily, it’s one that FSI managers need not do alone.
[i] "Hong Kong FinTech White Paper 2019." whub.io. Whub, 2019. https://www.whub.io/fintech-toolbox-download.
[ii] "Digital in 2019 – Hong Kong." We Are Social. We Are Social Ltd., January 30, 2019. https://wearesocial.com/hk/digital-2019-hong-kong/.
[iii] "The Financial Matrix: Bitglass' 2019 Financial Breach Report." Bitglass. Bitglass, December 16, 2019. https://pages.bitglass.com/rs/418-ZAL-815/images/Bitglass_Financial_Matrix2019.pdf?aliId=eyJpIjoidEFtUm1uM09HdGtOVTIySiIsInQiOiJ2dWU4Y3NLMlFybWMyb1wva21wNVpkQT09In0%253D.
[iv] "Understanding Security of the Cloud: from Adoption Benefits to Threats and Concerns." Kaspersky.com. AO Kaspersky Lab, 2019. https://www.kaspersky.com/blog/understanding-security-of-the-cloud/.
Alan Chan is the Director of Marketing at Fuji Xerox (Hong Kong) Limited. He is an innovative and visionary marketer with extensive experience in business management and marketing.
FX Resources Component
Achieving COVID-Ready Mobile Security for Financial Services Workers - EN
- File Size:
- 1.28 MB
- Document Type:
- Portable Document Format