How Can the Financial Industry Stop Insider Threats?

How Can the Financial Industry Stop Insider ThreatsJPMorgan Chase & Co. is in the news again because hackers got access to internal systems and stole sensitive information.  This may have been part of a scheme to pump up the prices of stocks and sell them for quick profits.  The hackers gained access through a server that wasn’t properly patched.

Another problem surfaced a few months ago where a former JPMorgan employee was arrested by the FBI on charges of stealing customer data and trying to sell it to an undercover informant for tens of thousands of dollars.  Similar incidents have occurred multiple times at JPMorgan over the past few years.

Unfortunately JPMorgan Chase is not alone in this.  Barclays Bank had a problem where criminals had a USB flash drive with the personal details of over 13,000 customers.  Other financial institutions are worried about privileged users having access to sensitive information and how to prevent them from sharing it with unauthorized people.

Most organizations inherently trust their employees to understand how to handle sensitive information.  There are codes of conduct, processes and procedures in place to ensure that employees protect customer and other sensitive data.  Are these enough to protect against the potential misdeeds from those inside the organization?  Apparently not.

Every organization must allow certain employees access to intellectual property, sensitive corporate secrets or customer information.  The organization and its customers expect this information will remain confidential and only be accessible by authorized people.  IT administrators with privileged access rights, sales people, HR and executives may all have access to sensitive customer data.

So how can JPMorgan Chase, Barclays or any organization prevent employees from stealing or inadvertently sharing information with unauthorized people?

Many organizations focus their information security spending on perimeter defenses.  JPMorgan Chase spends over $250M a year on cybersecurity to protect its information.  After the recent data breaches, it intends to increase that dramatically, but is it spending in the right places?  Obviously its perimeter is not as secure as it thought.

Stopping insider threats is more difficult than hardening the perimeter, since insiders must have access to privileged information to do their jobs.  While many organizations look at internal firewalls, intrusion detection and other system protections, the focus needs to move to the object of an insiders interest.  The data.

The only way to protect that data is by encrypting it the moment it is created and applying persistent security policies and controls to it.  By applying encryption, access permissions, and usage restrictions directly to the data, organizations can be confident they will always control it, no matter where or how it is transmitted.  This enables the financial institution to provide data governance to all sensitive information.  They can track and control it the same way they track and control financial transactions.

If an insider tried to pass sensitive information along to a trusted confederate on the outside, the outsider couldn’t access the information.  If you suspect the insider of stealing information, you can easily kill access to any documents they can access.  You can enable or disable access to the sensitive content at anytime, no matter if the information is on a server, on a phone or in someone’s email.

Managing threats to the business and mitigating risk is the job of the CEO.  Having the ability for complete control of all sensitive customer and internal information, regardless of its location, is the best way to meet those goals.  This gives the CEO the tools needed to prevent insider threats and ensure the safety of your business.

 

Photo credit Myfuture.com

Leave a Reply