Page 32 - Security Today, September 2020
P. 32
their behavior.
The analytics system applies a risk
score based on people, location and time. The score is higher for a person who has access to critical areas such as the data center. A location score would be higher on a data center card reader than a cafete- ria door, and scores are lower during the workday and higher during off times.
By understanding an employee’s hab- its and applying scores to the readers throughout a facility, an overall risk score is established for each employee. Base- line scores demonstrate normal behavior. However, if an employee tries to enter a bank in the middle of the night, the behav- ior would raise the score.
When a person’s risk score rises above normal, an alert in the dashboard notifies the security team. They can then review the specific employee’s behavior and see if the suspicious behavior is an anomaly or requires further action. Maybe the em- ployee was working late on a project and needed to get into another department that he didn’t have access to after-hours. Or maybe the employee is searching for account data to sell.
An analytics system flags possible early warning signs and alerts the security team to keep a better watch on the situation. Having insight early could prevent a pos- sible breach or crisis because the security team can start to watch the behavior more closely. It will also provide HR teams and management just-cause to investigate and confront the employee about the suspi- cious activity.
Obtaining this level of insight from your access data is only possible using an analytics system.
LEAST PRIVILEGED ACCESS HELPS MEET COMPLIANCE
When employees start a job, they are given an access card. Often that access card allows them access to many more areas than they need to perform their job, cre- ating a risk. Tightly controlling employee access helps prevent risk. Using an identity management system, banks must imple- ment the least privileged access approach, which gives employees access to only the areas they need to perform their jobs.
Access to additional areas must be re- quested by the employee. Access is granted for a predetermined amount of time and automatically deactivates access when the time limit expires. It provides an electronic log of all requests and an audit trail to prove compliance. Least Privileged Access works well in heavily regulated industries
“Most banks have deployed an access control system to manage access throughout their complicated environment.”
32
0920 | SECURITY TODAY
such as banking. Financial institutions can match up timeframes with regulations to meet compliance.
Each department within a bank works with different files and uses its own stan- dards to complete work. Based on the se- curity program’s rules, the security team should know exactly who within the de- partment should have access to the files, who outside the department is accessing those files, and monitor who tries to get access to those files.
“Banks must monitor all card swipes in areas where physical account data re- sides,” said Dan Bissmeyer, G4S director of business development. “Anyone from outside that section of the building or an- other department could possibly be fishing for that data.”
COVID-19 CHALLENGES
The onset of COVID-19 earlier this year brought on new challenges for finan- cial institutions. Banks found themselves scrambling to move employees home to work. Entire security operations centers and call-centers needed to operate from home. Although considered essential, headquarter operations and branches operated with skeleton crews to serve cus- tomers.
Insider threat programs are set up to monitor employees, limit access, track how a person might be trying to access ar-
eas and information, and respond quickly to mitigate risk. Layers of security, using people and technology, are put in place to protect the company.
“Remote work makes it incredibly dif- ficult to keep an eye on people,” Bissmeyer said. “You lose what you had in your lay- ers of security with physical access, iden- tity management and analytics.”
In a remote setting, a bank must rely on its logical controls to monitor when employees log in and what they are access- ing. However, the loss of physical contain- ment is a huge challenge. When operating inside a bank, the employee is surrounded by layers of security that are put in place to protect them and the data they manage. When working remotely, an employee can work anywhere, exposing data on an open laptop to roommates or friends. Printing at home is especially dangerous. Financial hardships due to COVID-19 and the econ- omy may also tempt employees to gener- ate fraudulent loans.
While banks have remained open, they are slowly bringing back more employees to the workplace as restrictions are lifted. The right technology can help with the transition. An analytics system can help a bank remain in compliance and show proof that the bank is operating accord- ing to policy. If a bank is running at 50 percent capacity in their buildings, the se- curity team can pull up a dashboard that
BANKING SECURITY
adriaticfoto/Shutterstock.com