News

03:03 PM
Jonathan Camhi
Jonathan Camhi
Slideshows
Connect Directly
Facebook
Twitter
Google+
RSS
E-Mail
50%
50%

A Growing Security Risk in IT Automation

The increasing use of automated processes could expose organizations to new forms of malware if proper monitoring and controls aren’t put in place.
Previous
4 of 4
Next


Thompson advises banks take three steps to help secure their machine-to-machine processes:

- Firstly, banks need to make sure that they encrypt their automate processes as a first step in preventing data breaches.

- Secondly, banks should adopt the same security policies for machine-to-machine processes that they have for manual human-to-machine processes. That means putting in authentication, auditing and monitoring tools to ensure secure access and keep an eye out for attacks.

- Thirdly, centralizing SSH key management will be important going forward in auditing access to keys both for security and compliance. (Note that the newest version of PCI compliance requires controls be put in place for SSH kay management.) Unfortunately most organizations in the study (65%) shared responsibility for the management of those keys among many individuals. But centralizing that responsibility will help increase visibility and enable faster responses to potential intruders.

[To learn more about how financial firms are preparing for and responding to security incidents, attend the Acknowledge the Inevitable: How to Prepare For, Respond to, and Recover from a Security Incident session at Interop 2014 in Las Vegas, March 31-April 4.
You can also REGISTER FOR INTEROP HERE.]

 

Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio

Previous
4 of 4
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
KBurger
50%
50%
KBurger,
User Rank: Strategist
3/10/2014 | 1:39:39 PM
re: A Growing Security Risk in IT Automation
I would hope that banking overall is far along with these kinds of efforts, although I would imagine it may be more of a challenge (not just technology, but also awareness/education) for smaller institutions.
Byurcan
50%
50%
Byurcan,
User Rank: Author
3/9/2014 | 2:38:52 AM
re: A Growing Security Risk in IT Automation
Surprising that only 44 percent of organizations polled monitor the logins of their keys' priveleged users, Thompson's comment that most companies haven't thought to much about SSh controls is telling.
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology - August 2014
Modern core systems are emerging as the foundations of effective channel integration and customer engagement initiatives.
Slideshows
Video