New Identity-Access Management Developments: IT in the Banking Industry

Just like in many other businesses, identity-access management is becoming the make-or-break factor for creating dependable IT security in the banking industry. That’s why new technological advancements in access-management strategies for banks are such a hot topic right now.

Ever since The New York Times reported in 2014 that JPMorgan Chase banks suffered a security breach that leaked the details of at least 76 million personal accounts and 7 million small-business accounts, banks have been scrambling to protect their networks better with more strict authentication measures.

BankTo improve identity-access management security, more banks are looking at evolving ways of integrating multi-factor authentication among their network’s users. For example, HSBC bank announced in March of 2016 that they’ll begin using new alternatives to standard password authentication that include both fingerprint scanning and voice-recognition technology to protect online accounts, according to ProofID Ltd.

Meanwhile, the U.S. DOD has started a “soft certificates” test program to evaluate the security of new wirelessly-derived credentials on mobile devices that access some of their private networks. Mobile devices store such soft credentials and use them to encrypt data and authenticate VPNs, for example.

Banks are more than interested in following suit, as evidenced by Payfone’s developments in mobile-payment authentications to create online transactions that they claim aren’t possible to hack or duplicate. Their number of transactions has tripled in just one year as they expand to network with more banks.

FingerprintExpect more fingerprint-activated payment systems to take off as well as more smartphones than just the iPhone and new Samsung models adopt fingerprint-scanning features in the future.

5 Tips to Help Achieve IT Security

When it comes to your information, keeping it out of the hands of cyber thieves is a high priority. As technology regularly evolves, so should your IT security measures. You must have multiple layers of security protecting your systems. Below are five basic tips to aid you in keeping your information as safe as possible.

  1. Minimum privileges basically means deciding who has authority to what information. Limit access based on job duties and you limit the chances of your system being breached. For example, your receptionist usually won’t require access to payroll or your transportation manager doesn’t need to snoop in HR files. This is easily adjusted as job requirements change.
  2. Firewalls are your friend. Firewalls are meant to keep unauthorized users from accessing your systems. They are not infallible, but when used along with complex passwords and anti-spyware/anti-virus programs they can provide that extra level of security.
  3. Have a back-up plan. In Computers 101, you learn to back up your information. This is essential, but do you also have a back-up procedure to fall back on if your system is attacked? You need the ability to keep functioning during a system repair or replacement.
  4. Prioritize your systems, decide which are most vulnerable to attack and which are most valuable. You’ll want the heaviest measures deployed on the highest level, most vital systems and data. Accomplishing this without leaving the lower levels unprotected is important.
  5. Constantly evolve your defenses and grow with the changing threats. Just as hackers will continue to find ways to chip away at your security measures, your IT department will need to develop new ways of repelling them.

Taking these general tips farther, you can grow your knowledge of IBM i security by watching recordings of past COMMON webcasts:

Automatic Encryption with FIELDPROC – No Application Changes!

IBM i and Our False Sense of Security

What’s New in 7.1 and 7.2 Security

Be secure out there!