Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Security

11:00 AM
Bob Olson
Bob Olson
Commentary
50%
50%

Now Flatter, Cheaper Networks Can Be Secure, Too

Why banks no longer have to choose between cost and security with their networks.

Every time I log on to my company’s intranet -- whether from the office, home, or hotel, or via desktop, laptop, or mobile -- I am amazed by the remarkable number of activities it lets me perform and the sheer amount of information I can tap into. 

But at the same time, I’m struck by how strictly limited my access is. I see only an infinitesimal sliver of what’s happening on our network, properly so. Out of thousands of payroll records, there’s only one I’m interested in. Of all the information that finance handles, all I need is our latest earnings release and a PowerPoint to assure customers’ about our stability. That’s all I need, and that’s all I see. But the rest is out there, almost instantly accessible by those who need it.

[For more on network security, check out: What Banks Can Learn From the Target Breach.]

That is daily proof of what a sensitive balancing act network security is. And whatever challenges we had in segregating our network into what each employee can access, banks face even more daunting challenges. After all, it’s not likely that tag-teams of hackers are pounding away at our network to compromise our internal blogs and bios.

It is banks that tempt intruders, after all. Banks are still where the money is, and bank networks are where sensitive data is in constant motion. Account transfers within the bank, wire transfers outside the bank, vendor communications, customer records -- whenever they are in motion, they are vulnerable to network intrusions, whether by criminals or by legitimate users whose access was insufficiently circumscribed.

So with that knowledge of being under constant cyber attack, it is understandable if banks have resisted vendor urgings to “flatten” their networks. They well understand that flat networks offer significant cost savings and are easier to manage. But their traditional layered networks, for all the difficulty they pose when a change needs to be made or they need to interoperate with a new system, do offer security in the form of multiple layers, well segregated by groups of users. Flattening those networks eliminates the barriers of complexity and exposes a larger, more easily navigated surface to would-be attackers.

That’s where the debate has rested for some time -- between the rock and hard place of “flat vs. secure.” But now, advances in software-defined security are changing the calculation. Now, instead of physical barriers like layers, virtual LANs, routers, and firewalls, banks can erect logical barriers that segregate groups of users and their information, and that render other information invisible to them.

If you’re still having that rock/hard place debate at your bank, ask yourself:

  1. Are you spending too much on your network?
  2. Do changes to your network hold up innovation and compromise competitiveness because they take too long?
  3. After completing a change to your network, have you discovered inadvertent vulnerabilities created due to the complexity of network?

If your answer to any of these questions is “yes,” you’ll be glad to know there is a way out from between the rock and the hard place. You can let software, not infrastructure, segregate your flatter, cheaper, simpler network. Through tools like cryptographic keys, banks can allow fast, easy access to only those corridors where users’ roles entitle them, while the sensitive data remains cloaked to outsiders.

Most importantly, these growing safeguards among flat networks can not only save banks money, but also help them get out from between the rock and hard place where many of their peers are currently residing. 

[Learn more about the Internet of Things at Interop's Internet of Things Summit on Monday, September 29.]

Bob Olson is a Vice President at Unisys where he manages the Global Financial Services Practice.He works with clients by providing a portfolio of IT services, software, and technology to help them solve their mission-critical problems. Prior to Unisys, Bob was ... View Full Bio

Register for Bank Systems & Technology Newsletters
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.