Financial Services Companies Struggle With The Work from Home Digital Perimeter With Serious Cyber Attacks on the Rise

By Matthew Vulpis May 11, 2021

When pandemic lockdowns turned many jobs into work-from-home almost overnight, some industries experienced relatively seamless transitions; however, the banking industry was not one of them. These institutions were forced to pivot from traditional office environments, but the switch to remote working came with an abundance of challenges, the most serious being cybersecurity.

With risk and vulnerability accentuated during the pandemic, fraudulent activity and cybersecurity attacks are on the rise across all industries, but for financial services, the risks are even greater. Financial employees deal with highly sensitive transactional and confidential information on a daily basis, and those working from home are more vulnerable to phishing and other technology breaches.

"As cyber-attacks occur around the globe at an alarming rate, many criminals continue to set their sights on banks and credit unions as the grand prize," said Chris Swan, CRO from Dispersive, a company that provides accelerated, private, and secure virtual networking for cloud, branch, mobile device and embedded IoT. "Leaders must prepare for the industry's "next normal," which will likely entail many employees continuing to work from home to some degree even after the pandemic has subsided."

In total, attacks against the financial sector increased 238% globally from the beginning of February to the end of April, with ransomware attacks growing ninefold within the same period. The increase in people working from home is the cause for this, as financial firms' digital perimeters are weakened by the myriad of access points a cyber attacker has when a company's employees are spread out, working from home on their own personal systems and devices.

Without the luxury of an office system supplied firewall or blacklisted IP address, there are numerous cybersecurity shortcomings that could plague your employees, such as failing to change the default password on their home router, neglecting to block guest access, not encrypting their home networks, and using home printers for bank business, which creates security risks for those printed files.

"Business is being done over home ISPs, with unmanaged routers and printers, home automation systems in the background, and even partners and children listening in on conversations or sharing machines while working for different organizations," said Chris Swan. "Traditional security measures that have been used daily for years can't protect a fully remote staff without adaptation. That means we need to rethink our mindsets and approach to security right now."

While working from home does increase cybersecurity risks, there are plenty of steps a financial firm can take to try to ensure better safety. The first thing businesses usually turn to is a virtual private network (VPN). Businesses can attempt to prevent data leaks by requiring employees at home to use a virtual private network or VPN, which creates a secure pipe between an employee's endpoint, such as a laptop or a tablet, and the organization's IT systems, but even then, they aren't secure.

Despite the benefits of these private networks, there has been a rise in VPN vulnerabilities, and hackers are taking advantage of this. Too often, VPN vendors are guilty of neglecting to patch vulnerabilities within their technology. Data-sensitive industries such as financial services, government, and healthcare are common users of VPNs, and without patching discipline, they're providing an open door for attackers to gain entrance to the networks and data.

"This isn't new as over the years, hackers have been exploiting VPNs as the cloud becomes ubiquitous, but now with everyone working remotely, these issues touch millions of users and their data," said Chris Swan. "More organizations are waking up to this reality and adopting VPN alternatives, like Zero Trust Network Access, which go beyond one-size-fits-all access rules and provide greater network segmentation."

Zero Trust Network Access (ZTNA) is a category of technologies that provides secure remote access to applications and services based on defined access control policies. Unlike VPNs, which grant complete access to a network, ZTNA solutions default to deny, providing only the access to services the user has been explicitly granted.

This alleviates common VPN-related challenges where BYOD remote users are granted the same level of access as users at a corporate office, despite the fact that they often have fewer security controls in place. Some agent-based ZTNA solutions provide a pre-authentication trust assessment of the connecting user and device, including device posture, authentication status, and user location. 

And with the world becoming more digital with every passing day and the work from home model showing no signs of disappearing once the pandemic does, Chris Swan states that ZTNA solutions, such as Dispersive's Virtual Network (DVN), will become essential to any financial firm that wants to keep up with the ever-evolving world of cyber threats.

 "A zero-trust network approach recognizes that trust is a vulnerability in the work-from-home model," said Chris Swan. "With Zero Trust Network Access, organizations can be entirely confident that their data, critical applications, and infrastructure are secure, without the expensive orchestration, maintenance or hardware of legacy solutions."

Edited by Luke Bellos

Content Contributor

Related Articles

GSA Rejects Face Recognition for IRS and Other Federal Agencies

By: Laura Stotler    2/11/2022

The GSA said the IRS and other government agencies will not be using facial recognition to verify access to their websites and online records. The ann…

Read More

The Benefits of B2B Marketplaces for MSPs: Unify, Simplify and Amplify

By: Arti Loftus    2/8/2022

Business today is more technologically and digitally driven than ever before, with various applications and devices re-shaping the way companies do bu…

Read More

With the Passage of the Infrastructure Bill, Rural America Is Gearing Up For Acceleration in 2022

By: Matthew Vulpis    12/2/2021

The recent shift toward online business and education activity highlighted the lack of access to high-speed broadband internet service in some parts o…

Read More

The Leading Edge of Mainframes: Open Mainframe Project Reports Record Growth of the in 2021

By: Arti Loftus    10/25/2021

Last month, Open Mainframe Project hosted their second annual Open Mainframe Summit, announcing record growth in contributions, with more than 105.31 …

Read More

Veea and iFree Introduce TROLLEE IoT and AI Powered Interactive Shopping Cart

By: Matthew Vulpis    10/7/2021

In recent years, we've seen a drastic increase in smart technology aimed at making our lives easier. These innovations focus on improving our physical…

Read More