Blog · 02 Nov 2022

How financial services can stay ahead of employee fraud

Advanced identity and network management solutions are critical frontline defences against employee access being used to attack financial services institutions.

Managing Director International Banking, BT

Identity management has always been critical to reducing the risks of employee fraud in the banking and financial services environment – and the modern hybrid working environment comes with its own set of challenges. 

Remote working and distributed workforces have scaled up in recent years, taking employees out of the office and away from the protection of corporate security. Financial services institutions have had to cope with a rapid proliferation of devices spread across a wide area and a fundamental change to the digital estate.

These developments have certainly increased opportunities for employee fraud as well as non-compliance – something that’s just as important in a regulated industry. However, financial services institutions also have to recognise that an employee doesn't need to be an 'insider threat' to cause or enable damage. It’s much more likely that employees will inadvertently become access points for malicious actors, facilitating an attack by a third party by, for example, falling for some form of social engineering activity.

It’s more important than ever to be able to verify that an individual is who they say they are. So, how can financial services institutions protect themselves?

Rethinking the boundaries of trust

Zero Trust is emerging as the answer. Under Zero Trust principles, knowing exactly who and what is on the network and why they’re there is critical to maintaining organisational security. From a user perspective, Zero Trust means continually verifying authorised users as they move around the network and granting each user the lowest possible privileges needed to carry out their tasks.

A strong identity policy is a huge piece of the Zero Trust puzzle. Fundamentally, organisations need to be able to specify and manage who is authorised to do what and when. They need the control to define individual domains and keep them separate, with the choice to apply different access privileges. They need to be able to scrutinise access and activity against different privilege sets, and much more. 

Multi-factor authentication is now standard practice, even for consumer email accounts, and is a core part of a Zero Trust identity management solution. 

It’s important to recognise that identity management introduces friction into the access process, affecting the user experience. So the level of friction introduced to the workflow, whether that's a biometric check or a one-time PIN (OTP), should fit with the financial services institution’s risk appetite.

Continuous authentication will play an increasingly central role here, so our innovation department is investing significantly in developing biometric continuous authentication processes. These could be used to lock down a computer workstation when the authorised user steps away from it, for example.  

The goal is to create adaptive and continuous authentication processes that require the minimum of trust and friction, delivered dynamically.

Incorporate advanced endpoint security solutions

Jonathan King of cybersecurity specialists CrowdStrike highlights how networks are growing in size as well as complexity. Endpoint management has become far more challenging in recent years in the face of more users, more devices, and more complex (and numerous) threats. Securing endpoints takes a lot of intensive compute power, and the proliferation of devices has compounded the issue. 

CrowdStrike, one of the key cybersecurity partners in our ecosystem, solves this problem through cloud-based security architecture. Its Falcon platform can deliver security through a single, lightweight agent deployed centrally to every endpoint simultaneously. Users bear no responsibility for maintaining their machines, and new security policies can be implemented across an entire digital estate all at once. 

Network owners can go further in protecting access by quickly identifying 'shadow' or 'rogue' endpoints. It’s also possible to run forensic lookbacks to observe networks in previous states – even if, in the case of CrowdStrike, those states happened before CrowdStrike was introduced. 

Bring everything together with our ecosystem thinking

We believe diversity is critical in a security portfolio. The Swiss Cheese analogy remains a good one: every security layer (or authentication factor) will, by necessity, include some holes, because these are how legitimate users get in. As a result, we need to stack multiple layers intelligently, making sure that none of the holes match up so no cyber attackers get through.

Our ecosystem approach enables financial services institutions and other large organisations to build and maintain a comprehensive security portfolio through a single point of contact. Our customers don’t have to spend months or years contracting with multiple providers, onboarding their individual systems, and then trying to make them 'play nicely' together. Instead, our customers can use our digital security ecosystem, which includes strategic partnerships with leading specialist vendors, to build a fully modular security solution that fits their specific circumstances – all delivered through our unrivalled infrastructure.

Download our whitepaper, ‘Ecosystem thinking: the fraud and risk approach that protects from every angle’ to find out more about how we can help you secure your organisation.