Financial institutions must balance the business imperative of protecting confidential data with the need to ensure that employees, vendors and contractor can access the data they need to do their jobs. From a network perspective, this means protecting the network, while at the same time providing access to it. How can banks manage this contradiction?
Effective network access control often requires providing "guest" access to the internet and some internal systems through wireless and wired access points within conference rooms, guest offices and other locations. Additionally, as the current pace of business requires employees to work from home or other remote locations, banks need to allow staff to access systems from any location, using any device. All of this while protecting data integrity and ensuring regulatory compliance.
When asked about these issues as part of Grant Thornton's 17th Annual Survey of Bank Executives, only 59 percent of respondents said they were confident about their ability to verify systems and control technology risks. In order to mitigate risk while getting the most out of the network, financial institutions must create and automate the network access control process, keeping five key principles in mind:
ï¿½ Identity management
ï¿½ Endpoint compliance
ï¿½ Policy enforcement
ï¿½ Consistent user experience across wireless, wired and VPN access
ï¿½ GLBA and PCI compliance and reporting