By Kyle Piscioniere, Nov 06, 2015
A study conducted by Infinite (News - Alert) Convergence Solutions, Inc. has found that employees at financial institutions are regularly allowed to communicate over commercial, unsecured mobile apps and platforms. The lack of enterprise-grade mobile communications systems may be risking the financial information and security of customers.
The study shows that 50 percent of financial institution employees use mobile messaging daily, but only 38 percent of employers have an official messaging platform. To compound the problem, of the 68 percent of financial institutions that do have dedicated messaging platforms, the majority of those platforms are not properly secure.
Anurag Lal (News - Alert), CEO of Infinite Convergence, commented, "Financial institutions are relying on typically consumer-facing messaging apps for their employees to communicate extremely private information. End users like the convenience and the immediacy of response of mobile messaging, but the majority of services being used are not made for enterprise-level communication. They do not have the ability to meet compliance requirements, especially in the case of regulated industries, such as finance."
The study did not clarify whether employees at financial institutions receive mobile security training, briefings, or even know the company’s risks when texting sensitive information. Given the stringent complicity measures imposed on the finance industry, any breaches in security could leave a compromised company open to legal suits or charges.
The risks to customers and companies go beyond mere phone hacking, data stealing, or viruses. With access to a financial agent’s phone number and records, social engineers could potentially tease sensitive information from the agents or customers themselves. And once sensitive information has been compromised from one source, identity thieves can then access other accounts held in more secure institutions.
With so many companies protecting business data and all the high profile security breaches from which companies rarely recover (looking at you, Target (News - Alert)), this lapse in security seems somewhat negligent. Financial institutions need to change their mobile security habits before customer data is leaked.
Read Full Article