As finance companies deploy Internet of Things (IoT) solutions, they must ensure that connections and critical data are secure.
As finance companies continue to update security technologies, and make use of all types of IoT) solutions, there are more opportunities for network security breaches.
These technologies are used for all types of things—from everything like finding optimal locations for new establishments, to personalizing offers for customers, to protecting their own internal data. The potential for network security failure lies everywhere.
Among the financial industry, banking malware is common. According to SecureList:
In 2017, the number of users that encountered Android banking malware decreased by almost 15% to 259,828 worldwide. Just three banking malware families accounted for attacks on the vast majority of users (over 70%).
As banks and financial technologies adopt more connected devices like sensors, Bluetooth low energy beacons, IP-connected cameras and more to their information technology (IT) environments, steps to secure those devices and their data need to be taken.
The best way to ensure financial institution network security is a mix of strong encryption, segmentation and a willingness to perform penetration testing and replace connected devices regularly.
Reduce Device Security Load with Network Segmentation
Network segmentation is the practice of isolation different IoT devices. Segmenting these devices reduces the risk that one breached device will be able to harm other devices that are a part of the network.
Marc Blackmer, Product Manager of Industry Solutions for Cisco was quoted in CDW talking about the benefits:
“Existing best practices, such as network segmentation, will help take some of the security load off of these devices.”
Once devices are segmented, IT departments need to ensure that there is strong encryption across the board to protect against a breach.
Encrypted Devices Need to Span Across the Board
The same security tools used for wireless networks needs to get carried over to devices.
Yariv Fishman, Head of Product Management for Vertical Solutions and IoT at Check Point Software Technologies, tells BizTech how to eliminate potential attacks:
“Establishing an encrypted virtual private network connection between a device and the network helps eliminate potential attacks, such as ‘Man in the Middle,’ that compromise the integrity and validity of the information provided from the device to the network and vice versa.”
The mobile threat is real—In Verizon’s “Mobile Security Index 2018” report, 25 percent of those surveyed who work in the financial services sector reported that they have experienced a mobile-related incident and 18 percent said it was a major one with lasting repercussions.
Strong encryption, coupled with the willingness to replace existing IoT devices with new, upgrades will enhance. security protections.
Penetration Testing for Mobile
Finally, it’s clear that the finance industry sees the potential threats that IoT and other wirelessly connected devices can bring.
The most important thing you can do is to identify malicious activity and identify vulnerabilities in IoT devices before a breach happens.
To do so, bring in penetration testers on a regular basis, and if you can’t afford to do that, conduct red team exercises with your staff. As technology advances, the opportunities are imments, but new devices need to be deployed securely to ensure a safe future for companies and their clients and customers.
Megan has been writing about enterprise technology, data, infosecurity and environmental technology for several years. Tweet her @MeganRoseM, or check out her blog: www.meganmorreale.com.