Security Challenges for Financial Institutions – How Smart Out-of-Band (OOB) Management Keeps Networks Up and Running

Security Challenges for Financial Institutions – How Smart Out-of-Band (OOB) Management Keeps Networks Up and Running

Alan Stewart-Brown

VP of EMEA at Opengear

Views 859

Security Challenges for Financial Institutions – How Smart Out-of-Band (OOB) Management Keeps Networks Up and Running

10.10.2019 03:45 pm

Information technology and telecommunications are fundamental to service delivery in financial institutions today. Firms are increasingly reliant on IT networks to deliver core services but this can leave them vulnerable to ever-expanding security threats.

That’s an especially serious problem in the world of finance where cyber-attacks are frequent, and becoming more sophisticated. Phishing, social engineering and malware attacks have become particularly prevalent, and hacking software easily available.

To mitigate some of the more egregious threats, we increasingly see today’s financial networks having to implement SSH key authentication, IPSEC or OpenSSL VPN tunnels, Stateful Firewall, Centralized Logging, Alerting, Remote AAA, and more. 

It is not possible to guard against every threat unfortunately. Cyber-attacks are increasingly inevitable and today every device in a financial services firm’s network is a potential target, including, and sometimes especially, branch and edge devices. Security must be factored into every aspect of a business’s network infrastructure. It’s a complex requirement that does not guarantee success not least because cyber-attacks are far from the only threat to network resilience today. System outages can also result from natural disasters, construction or vehicle accidents, or any number of environmental conditions and lets not foget the biggest threat of all, human error.

A wide range of network elements can also cause outages. Cable interconnects, power supplies, switches, dense compute chassis, storage arrays, and even air conditioning are potential sources of problems. And the problem of outages is only likely to grow over time. Network devices are increasing in complexity, with software stacks that are frequently updated and susceptible to bugs, exploits, and cyberattacks.

Making the concerns of businesses still more tangible, the result of security breaches and system outages are sometimes particularly severe for financial services firms, whose systems and networks are typically business-critical and for which even the smallest amount of downtime is potentially disastrous. Reputational damage caused by any outage however caused also factors greatly in the financial services and banking sector which relies heavily on consumer trust.

Finding a Way Forward

Whatever the provenance of these threats, their prevalence highlights the importance of financial services firms developing networks that are reliable, resilient and secure. Financial organisations need edge solutions that are as reliable as their data centres, eliminating the risk of a complex router becoming a single point of failure. Ideally, this means uninterrupted Internet connectivity for all LANs and equipment over a link that is not part of their production network. Every site needs to be able to leverage high-speed networks whenever the primary link is unavailable. One solution is to use Smart Out-of-Band (OOB) technology, which provides enough bandwidth on an alternate path to allow critical functions to keep running until the network event is resolved.

OOB management allows admins to maintain and manage components such as servers, WAN

devices, and power supply units and resolve malfunctions via remote access. If there is an issue with connectivity, out-of-band solutions offer a failover solution. Today this is normally done via cellular, although other options are available.

OOB management can ensure continuous remote access of administrators to critical components such as network switches and routers and security applications like firewalls and encryption tools. This approach means there is no need for an onsite visit and if it does prove necessary, the technician can ensure they arrive onsite with the right spare part in hand to resolve any issues speedily.

Think smart

Deploying smart OOB platforms can also address security issues in new and innovative ways and their deployment has several major advantages. The first is a simpler way to deploy multi-factor authentication (MFA) that only needs to be integrated into the console server to be enforceable across the entire security appliance layer.

Secondly, smart OOB console technology can act as a system of record for all configuration changes

and patches with changes sent over an alternative pathway. An update failure that leaves the device unreachable via the production IP network can often be rectified via this same OOB connectivity that accesses the service ports on most network devices to reach the underlying console.

This approach helps the network & security managers determine if critical infrastructure has been patched and allows forensic investigators to find out if a breach was aided and abetted by the actions of an insider or was just an oversight.

Another proactive security benefit is the ability for the smart OOB appliance to pull the event logs

directly from connected devices and forward these to a central SIEM or Security Analytics

platform for early detection and prevention of a targeted attack. Finally, smart OOB connectivity is

also useful during a cyber-attack which disrupts the production IP network such as DDoS, a targeted

switch attack or a rogue admin “lock out” attempt, with the out-of-band console server providing an encrypted direct connection to critical devices such as routers and firewalls using 3G/4G cellular modems. The ability to quickly and securely access logs from impacted devices can help to pinpoint root causes and allow remediation to begin faster and massively reduce the consequential downtime.

Why Resilience Matters

Outages are bad news for financial institutions, but they are inevitable because of human error, ever-increasing complexity of network devices, modern software stacks, and hardware devices  and as this article has demonstrated the growing prevalence of cyberattack and security breaches. To keep consumers happy and the institution’s reputation intact, financial services must be prepared for outages. Smart OOB™ with Failover to secure Cellular can keep services up and running even when part of the network is down.

Latest blogs

Simon Black Awaken Intelligence

Boom or Bust: How the Financial Services Sector is Coping

Covid-19 has had an impact across all industries and businesses are feeling the sting. However, is it equally devastating within every sector? As industry and individual concerns grow during the inevitable economic crisis, financial services are Read more »

n/a n/a

Tips on How to Successfully Trade CFDs

A CFD or contract for difference is a financial product that allows a trader to speculate on asset classed without owning a portion of the underlying asset. A CFD trade is not an investment but high-risk speculation that carries the risk of losing Read more »

Patrick McKinney and Joe Fuchs Wolters Kluwer Finance, Risk & Regulatory Reporting

Building an Integrated Data Management System: A Guide for Digital Banks

Digital banks and other FinTechs are emerging as more nimble competitors to established legacy banks. The digital banks that are on their way to becoming fully chartered have the opportunity to setup fully automated processes and systems without Read more »

n/a n/a

How COVID-19 Is Ushering In a New Era of Cashless Technology

  Image source: https://www.pexels.com/photo/person-shopping-online-3944405/   Cashless technology isn't a completely fresh concept. People have been using credit cards for decades, and the market for fintech services has been Read more »

Jean Shin tyntec

Using WhatsApp for 2FA is the Future of Banking

From user authentication and password resets to transaction verification, two-factor authentication (2FA) offers basic but useful protection for consumers. The 2FA process typically sends an SMS sent to the customer with a one-time password (OTP). Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel