Data-breaches-in-banking
SECURING Banking and Financial Sector

The use of InfoWatch solutions provides banks and financial organizations with confidence that their valuable and confidential data is secure, awareness and system-wide understanding of all of the organization’s internal and external information flows, and a reduction in business risks.

Screen Shot 2016-10-04 at 18.49.27

Protection of Business Plans and Investment Data

Long-term plans for a company’s development can only be built where there is confidence in the security of current decision-making. An organization’s development strategy, information about planned mergers and acquisitions, the results of general shareholders’ meetings, decrees, resolutions issued by the bank’s chairman of the board, the results of market research, information about the development of a new brand, new banking products and services – all of these are valuable information assets, the loss of which can have a significant impact on the business.

With InfoWatch solutions, it is possible to reliably protect confidential information assets from unauthorized access and leaks outside the organization.

Ensuring the Confidentiality of Cash Transportation Processes

It has been shown that the majority of cases of armed attacks on cash transportation teams are carefully planned, and the key figures who provide assistance and supply information to the criminals are bank employees. Information about the routes and schedules used by cash transportation teams, their composition and the sums of money being collected, and the service schedules of the bank’s software and technical measures can play a key role in the preparation of such crimes. The challenge for managers responsible for security is to limit the number of employees who have access to such information and to carefully monitor its distribution.

InfoWatch solutions allow you to determine user access rights to documents and external devices, to monitor their use and to analyze and filter traffic. Furthermore, InfoWatch solutions enable you to monitor the transfer of sensitive information, monitor internal dataflow, monitor the distribution of corporate information, help to track irresponsible behavior by employees working with confidential information and identify those involved in espionage. All of this allows you to minimize the risk of leaks of valuable data, which could incur substantial financial losses for the company.

Automated Monitoring of Business Processes

The classification of data in banking institutions remains quite a difficult problem. The issue lies in the fact that large volumes of data are constantly being transmitted over the corporate network, and with each year it grows increasingly difficult to track the nature of the information: where it has come from, who is receiving it and whether those employees are permitted to use this information.

Once an organization has introduced automated categorization of information, they will have a clear and transparent picture of information flows, on the basis of which it is easy to optimize existing business processes and ensure that unauthorized users do not have access to information, by applying a security policy that takes into account all the nuances of the organization’s operations.

Regulatory Compliance

Unlike many other sectors of the economy, the banking industry is obliged to comply with a large number of legal requirements and regulatory standards. Failing to comply with regulatory requirements can lead to major risks for financial institutions, up to and including a review of their banking, brokerage and dealer licenses.

Current standards for the banking industry:

  • Basel III
  • Payment Card Industry Data Security Standard (PCI DSS)
  • ISO 27001

Compliance with standards is achieved through monitoring flows of information that contain confidential data, ensuring a high level of security for personal data, guaranteeing the security of payment systems (mostly acquiring systems) and other confidential information that relates to payment systems in financial institution processing centers.

Counteracting Insider Activity

A bank’s market position depends to a large extent on its reputation, one of its key non-material assets.

In today’s world, corporate reputations are to a large extent established on the Internet, where a huge amount of information about a company is regularly posted by a variety of different sources. This information includes not only specially-distributed PR, but also client reviews of their interactions with the bank, overviews, comparisons and ratings on thematic sites, including those compiled on the basis of information supplied by competitors, etc. In the absence of a security system, internal information not intended for public access can also appear on the Internet.

Only constant monitoring of Internet sites will enable you to identify in real-time information that represents a threat to your company’s corporate reputation and to take the necessary measures to mitigate the damage. InfoWatch offers a specialized toolset for this task.

In the recent years many laws on counteracting the illegal use of insider information and market manipulation’ have been in force in all over the world.

The laws provide for the prosecution, under administrative and criminal procedures, of those who make illegal use of insider information.

Those in the industry can fulfill the requirements of the law, including the adoption of every possible measure to prevent and identify instances of illegal use of insider information, by using InfoWatch’s technology solutions.

These solutions help information security departments to monitor the distribution of data containing the following information:

  • state registration of a securities issue by a credit organization, information regarding the suspension of a securities issue;
  • information regarding the refusal of state registration for a report on a securities issue;
  • any other insider information