• Bill Mann, Chief Product Officer at Centrify


• 07.07.2016 10:00 am

Transparency and the multi-channel nature of modern banking makes the question of security, trust and reputation more critical than ever. Security is transforming from a technology feature into an ace in the hole for banks in order to sell their products. Powerful identity management software and an MFA (multi – factor authentication) strategy enable organisations to kill two birds with one stone – solve the problems of IT security and attract new customers. Bill Mann, Chief Product Officer at Centrify, talks about the open nature of today’s banking industry and shares the recipe of successful MFA to secure company data, clients and reputation in the market.

“The IT infrastructure of financial services is changing in a big way today,” starts Mann. “We see the transformation of the old world of on-premises data centres run by banks on their own. Now it’s becoming more hybrid, a mix of on-premise and cloud. Plus, mobile banking is going a long way to intensify the risk landscape for banks as they have to expose more information than they ever wanted to. Moreover, expectations for banks to be innovators have gone up, while budgets have gone down. So these factors are forcing banks to move to hybrid cloud infrastructures and think about security in a completely different way. The old belief that network security alone is going to be a safeguard for you is not applicable anymore.” 

Mann points to the problem of privileged users as the biggest threat for most enterprises at the moment. Centrify has helped more than 5,000 organisations, including large banks and financial institutions, to provide cyber security for end users and privileged users at multiple points. Identity security has become one of the highest spends in the IT security sector.     

“We are seeing banks buying privilege management software from us,” continues Mann. “They want to govern IT administration and secure their datacentres. There is a huge difference between financial and other industries in terms of adoption of security technology. Before, many organisations just bought software to pass the audit, but now I think the old mindset is changing and many companies are trying to raise the bar in terms of their security strategy.

“Compared to other industries I would say financial services organisations put the biggest effort into protecting against cyber criminals. They tend to be attacked the most and have the most to lose. And from the trust point of view, consumers are also putting a lot of trust in financial services. Additionally financial institutions tend to use the most current technologies to be able to safeguard themselves. What we discovered from our consumer trust survey is that consumers ultimately trust organisations that take care of protecting consumer information. Indeed the banks have done a lot to reduce the risk.”

In recent years, financial services companies have significantly strengthened their position in cyber security management. Although some of them still do not use identity security technology and MFA for their benefit. According to Mann, the combination of strong usage and security capabilities is becoming an important factor from a choice perspective for consumers. At the same time, banks should not magnify the potential of network security software alone as the panacea for all cyber attacks.

When it comes to MFA, Mann believes that financial organisations should be adopting best practice:

• Banks should look to offer additional security like MFA to potential customers, which would then become a selling point for them. Look at the way Apple Pay has been adopted – it is both convenient and secure. 

• Plus, with the threat landscape so much higher than ever before, organisations today should be using MFA for everybody within the organisation – rather than just a small number of people. This way they cover all their bases.  

• It is critical that organisations understand the real risks of compromised credentials and that by adopting identity and access control technology like MFA can help resolves many of these issues.