Banking on security

L. N. REVATHY | Updated on August 21, 2011


There’s a lot of money at stake. - K.R. DEEPAK

“Defending critical internal servers and implementing the ability to back up and recover data should be priorities.”

What could drive the Indian Financial Services industry towards IT security adoption?

A study commissioned by Symantec showed that regulatory compliance and governance mandates, followed by increasing e-commerce and mobile transactions, were the key drivers of IT security adoption in the financial services space.

The survey, conducted during February-March 2011, covered 100 respondents from banks, insurance companies and brokerages.

The findings, close on the heels of the ensuing deadline for banks to comply with RBI (Reserve Bank of India) guidelines, reveal regulatory and governance mandates as a key driver of IT security.

Two-factor authentication

The RBI has, over the last year, mandated two-factor authentication at banks for all delivery channels. The survey findings revealed that most banks had invested in identity management and investment in such technology would be made towards stronger governance, business continuity planning, securing mobile and wireless transactions, data loss prevention and network security, in the current fiscal.

“CIOs at financial services enterprises are concerned about the security of their information and related losses, leading to crucial attention towards IT governance.

RBI guidelines, the impending Basel III compliance and the IT (Amendment) Act 2008 regulations are compelling the financial sector to take a close look at how they secure and manage their information,” says Ajay Goel, Managing Director, India and SAARC, Symantec.

Symantec reiterates the need for such financial services organisations to develop and enforce IT policies and automate their compliance processes.

By prioritising risks and defining policies, businesses can enforce those policies through built-in automation and workflow to protect information, identify threats, and remediate incidents as they occur. Or anticipate them before they happen, he says.

Securing end points

Further, businesses need to protect information proactively by taking a content-aware approach, provide trusted connections and authenticate transactions where appropriate and provide a secure operating environments. Above all, they need to protect their infrastructure by securing all of their endpoints — including the growing number of mobile devices — along with messaging and Web environments.

“Defending critical internal servers and implementing the ability to back up and recover data should be priorities,” says Goel. The findings further revealed that financial services enterprises faced significant financial losses due to security breaches, with the average loss at Rs 6.86 crore. “This figure was nearly double for Indian banks at Rs 12.6 crore,” says the Symantec MD.


Published on August 21, 2011

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

This article is closed for comments.
Please Email the Editor