Can the Financial Sector Manage Hybrid Working Security?
Even before the pandemic entered our lives, businesses across all sectors were aware of the importance of hybrid working.
Today, it’s almost taken for granted. According to a recent report by Leading Edge, 61% of business professionals identified hybrid working as critical to business success. And even in the financial sector, which is known for legacy systems and being slow to change, the idea of returning to pre-pandemic ways of working seems almost impossible, despite calls to return to desks.
A BBC survey found that 70% of people predict that workers would “never return to offices at the same rate”, with the majority stating that they’d prefer to work from home either all or some of the time. And for financial companies, the evidence that a ‘one size fits all’ approach is not equipped to deal with this growing need, is mounting. But while the workforce may have changed, many offices are still designed for their old ways of working, so it is up to businesses to keep up with changing employee expectations.
The move to mobility
Laptops have unsurprisingly been the main device to work and collaborate for most employees in the move to mobility. Indeed, in the UK alone, laptop penetration rose from 47% in 2009 to 76% in 2021. In the world of hybrid working, with meetings being controlled via these portable devices, businesses will need to invest in solutions that allow for seamless connectivity between office and home, while simultaneously mitigating the security risks that come with it. The finance industry will need to ensure offices are well equipped for hybrid meetings implementing new software alongside updated Audio-Visual equipment to make collaboration easy and smooth.
Indeed, in the UK alone, laptop penetration rose from 47% in 2009 to 76% in 2021.
But what about security?
The other headache facing IT leaders are the security risks of a hybrid approach. While these risks are true for any sector, the confidential and highly sensitive data-driven nature of financial work makes security absolutely paramount. Early in the pandemic, we saw multiple viral videos of conferencing platforms being hijacked by pranksters – and amusing as this is, it is only the tip of the iceberg. According to Deloitte, cyber-attacks are becoming increasingly sophisticated, with those using unseen malware methods rising from 20% to 35% since the outbreak of the pandemic led to a change in working practices.
This is why a recent study by Gartner found that worldwide spending on information security and risk management technology and services was predicted to grow 12.4% in 2021 to $150.4 billion. And it is necessary too: a 2021 study by Skybox Security, found that 42% of UK financial services and law firms believe their cyber threat visibility and detection systems are inadequately equipped to manage remote employees. Legacy technology and broken processes tend to be the reasons given, but after a year of remote working, the call to modernise is becoming more urgent than ever. Leaders must prepare for the financial industry’s new normal.
The cost of security breaches that come from hybrid working
No matter whether the issues stem from a cyber security breach or a phishing attack, the impact can be far-reaching. And as financial organisations are often the most common targets for cyber attacks, the need to be hypervigilant is understandable. In the UK and Europe, as more people go cashless, PII (personal identifiable information) can be redirected via physical credit scanners or online payment forms and used for malicious activity. Banks that are taken hostage may have to pay hundreds of thousands of pounds to recover lost data, risking the trust of their customers and other financial institutions. They could also face fines and sanctions for breaching data protection laws, as well as having a negative impact on staff morale.
The rise of cyber and phishing attacks caused by mobility and human error
The sharp rise in the number of employees carrying their laptops from home to the office and wherever else they choose to work has seen a dramatic increase in cyber and phishing attacks over the last two years, with human error an increasing cause of data breaches.
Findings from Sophos revealed that even though the number of ransomware attacks has actually decreased over the past year, the average recovery cost has more than doubled to $1.85 million. The mobility of hybrid workers has prompted cyber criminals to shift their attention “from larger scale, generic, automated attacks to more targeted attacks that include human hands-on-keyboard hacking.”
Ransomware is not the only threat, of course. Today, there is a wide range of attack methods that need to be considered and resisted. SonicWall’s Cyber Threat Report recently recorded 56.9 million IoT attacks, 5.6 billion malware attacks, and 4.8 trillion intrusion attempts. This helps to explain why, according to Dynabook, over one-third of Europe’s IT leaders pinpointed network or device security as the most difficult element of their IT infrastructure to manage during the pandemic.
Securing the mobile workforce
So how can organisations secure the data of their increasingly mobile workforce? It begins with protecting the front-line by equipping employees with robust devices that meet the high level of security required today. Biometric tools including two-factor authentication offer a strong first line of defence, for example, combining fingerprint and iris detection to restrict entry to a device.
Yet it’s also important to ensure devices feature deeper in-built security measures from a software and firmware perspective too, such as Trusted Platform Module 2.0 for enhanced encryption. Meanwhile, for IT teams, remote access control is essential so that strict permissions can be put in place, enabling them to manage which employees have access to certain files. From a policy perspective, we’re seeing more organisations take a zero-trust approach too – something which is particularly important in today’s hybrid environment to manage not just employees but partner organisations as well.
Business benefits of mobile secure client solutions for a mobile workforce
Beyond in-built security, mobile secure client solutions can also help to eliminate a significant cause for concern in terms of the device threat by adding boot-level security – something which is particularly important as we see the rise of hybrid working models.
In addition, by removing data from the device, storing it centrally and then making it accessible via a Virtual Desktop Infrastructure (VDI), such solutions provide the perfect balance of ultra-secure and ultra-productive mobile working. Employees can get on with their work, wherever they choose to be, knowing that the risk of data breaches through malware or lost and stolen devices has been nullified. With cybersecurity rated as the 2nd highest source of risk in Gartner’s 2021 Board of Directors Survey, we can expect to see these mobile secure client solutions rise in popularity.
One thing is certain – this is a problem that will not be going away any time soon. With technologies advancing rapidly and hybrid working increasingly looking like the permanent norm, the threat of security breaches will continue to grow. IT leaders must embrace new solutions now to protect against this ever-increasing threat.