Wednesday, 3 February 2016

There's no Bail Out for this Banking Industry Problem

By: Jacob Chacko, Business Lead - SMB & Commercial, Middle East & Turkey at Aruba

The finance sector has a data security problem, but it goes beyond external threats from hackers — this is a threat from within. Jacob from Aruba explains what this threat is and how your business can combat it.

The finance sector is in agreement: there’s a major global threat to the success of the banking and finance industry, one that ignores boom and bust cycles, doesn’t care about stock market fluctuations and wouldn't bat an eyelid if interest rates suddenly jumped ten points.

But this threat is also an essential and highly successful ingredient in the revival of the finance industry’s fortunes.

What is this unwitting, non-malicious threat? It’s your mobile-tech carrying employees themselves.

Which ones?

You’ve heard of Generation X (you might be one yourself), Generation Y (you probably employ a few of these), and Generation Z (the Internet’s digital natives), but there’s another category to add to the list: #GenMobile.

Brought up in a world where mobile devices are an integral part of everyday life, #GenMobile is defined by a productivity-focused attitude that finds it as easy to share a status update as it does a password or mobile device with a colleague. And this is why your #GenMobile workforce is both an asset and a threat to your business.

To identify the true nature of this new type of employee, Aruba Networks surveyed 11,500 workers in 23 countries, asking them detailed questions about their work, their approach to data and their take on corporate and personal security in a technological landscape dominated by mobile devices.

Who are they?

#GenMobile are generally young (18-35), highly effective and mostly indifferent to computer security. Given the finance sector’s risk-averse take on data security, you’d be forgiven for dismissing the idea of a ‘threat’ from your own highly trained staff. But with an alarming four out of every ten finance organisations admitting to having lost data through the misuse of a mobile device (25% higher than other industries), you might want to read on .

Ok, so what are they doing?

#GenMobile, as the name suggests, are 100% comfortable with mobility, flexible working and using multiple mobile devices to get the job done. #GenMobile will stop at nothing to get their work tasks completed, and 51% say that mobile technologies enable them to be more productive and engaged at work.

This fervent need to get things done means 56% will disobey their managers to get complete a task — while three-quarters are happy to take IT issues into their own hands without getting in touch with their IT department.

Sharing is also a risk factor, as 60% of respondents reported being happy to let others use their work mobile devices at least once a month, while a fifth don’t have passwords on their mobile devices at all, in part to make sharing easier. You won’t be surprised that security only limps into the top five of office tech concerns for #GenMobile.

Five tips to turn a threat into a safe bet

So what do you do? Lockdown all mobile devices? Implement a highly restrictive password policy? Don’t throw the baby out with the bathwater just yet — this new generation is already contributing to the overall health of the finance sector. They bring big-thinking creativity, better collaboration and new ways of doing things; priceless in an era when consumer behaviour is changing at an incredible speed. Yet the impact of a security breach is both seismic and often irreparable.

Here’s five ways to make sure your organisation is prepared for #GenMobile:

1)    Over a third of businesses don’t have a basic mobile security policy in place. Make sure you have a policy covering roles, devices, locations and other contextual attributes.

2)    Create enforcement rules that extend from applications to devices to the network.

3)    Make sure your security measures and policies map back to your organisation’s business objectives.

4)    Training is vital: all staff should have needs-assessed training to help them understand why policies are in place and how they can help.

5)    Take heed of feedback — it may improve your IT workflows and performance.

-Ends-