Blog
Bankers on the frontlines of cyber defense
Today, firewalls, encryption, antivirus software and cloud providers are just as important to a bank’s security as armed guards, security cameras and steel vaults.
July 11, 2014
There was a time when the only threat to a bank’s security was when a harmless-looking man handed the bank teller a note that made her face go ashen. And the only security measures, save for video surveillance, were the armed guards and the silent alarm triggered by the teller.
Today, firewalls, encryption, antivirus software and cloud providers are just as important to a bank’s security as armed guards, security cameras and steel vaults.
No longer is the robber who says "Hand over the money” a bank’s biggest threat. Nowadays, ATM skimming, where nobody gets shot at, is at the top of the list.
The 3 directions of banking security
•big data analysis and potential threat assessment;
•information sharing among banks to protect against cybercrime; and
•greater focus on fast recovery; less focus on crime prevention.
That last point is because breaches are always going to occur no matter how solid the security is, and there’s still plenty of room for improvement in terms of recovery speed. So it makes sense that this shift in attention is occurring at an increasing rate.
A new breed of locks
Banks require many layers of protection, including keycards that allow select employees through specific doors at specific times. Just insert the card into a slot and the door opens (it's a device also used in hotels).
Keycards are also used to grant access to peripheral service persons. A lost card or revoked card can be immediately turned off and cheaply replaced, whereas changing out traditional locks would cost a bundle.
Customized badges are another way for financial institutions to improve security measures, replacing keys and keycards. Employees can be “added on” to a badge, and a lost badge can be deactivated and then reactivated, if found.
Anti-skimming devices
Anti-skimming devices can significantly reduce fraud that results when a thief puts a phony reader over an ATM device to capture customers' card data. The volume of skimming crime is enormous, yet many ATMs have no anti-skimming protection.
Cloud storage for data
More and more financial organizations are relying on cloud computing, though this technology also brings with it some concerns. Since the cloud involves a third-party provider, bank data can be turned over to the government without the bank’s permission.
A way around this is for the bank to encrypt data prior to placing it in a cloud, and to keep encrypting it even when at rest, and retain the encryption keys.
Biometrics
Multispectral imaging (i.e., fingerprint swiping) to withdraw money at ATMs is one of the latest security tactics. Who can “skim” that? This biometric technology is already in thousands of ATMs. This “inner fingerprint” is immune to breakdown from grime, wear or moisture, making it highly tamper resistant.
Look for even more progress in multilayered security for financial institutions in the years to come — including technologies that right now we can’t even comprehend.
Learn more about this shifting industry.
Robert Siciliano is an identity theft expert to AllClearID and the author of "99 Things You Wish You Knew Before Your Identity Was Stolen."
photo: brady hegberg
Related Media
SecurityPresented ByDiebold Nixdorf
Subscribe
Get the latest news and resources from ATM Marketplace.
Recent Posts
