Between FINRA, FDIC, and SEC regulations, financial services companies have never been under more regulatory scrutiny than they are today, but recent events indicate that there’s an imminent storm around data storage and collaboration in banking.
Banking Lags the Market for Data Breaches
While major retailers have made top headlines in 2014 for massive data breaches, banks have been left on the sidelines. Thanks to an industry that, by its nature, requires customer data to be stored and verified by more secure means, banks and financial institutions represent a “hardened target” when compared to less regulated industries.
Catching up Quickly in the Consumer Market
Banks must take note: Customers and employees are moving their own data to less secure, cloud-based environments. In addition, the increasing ubiquity of convenient mobile banking has quickly led to a less secure consumer environment where bugs like the Android-targeting banking bug Svpeng are quickly proliferating. The Svpeng bug targets Android devices with installed mobile banking apps, preventing customer access until a ransom is paid. Here is a list of the banking apps currently targeted by Svpeng:
- USAA Mobile
- Citi Mobile
- Amex Mobile
- Wells Fargo Mobile
- Bank of America Mobile Banking
- TD App
- Chase Mobile
- BB&T Mobile Banking
- Regions Mobile
Next up: Enterprise Collaboration
While bugs represent an often mass-market targeted approach to data theft, using social engineering to access insecure data on corporate servers poses the ultimate risk to banks. Reviewing policies on how to prevent exposure of sensitive data should be made a high priority for an industry that might soon become the target of data thieves around the world.