Zero trust network access in banking and financial services
Credit to Author: Doug Aamoth| Date: Tue, 03 Jan 2023 12:00:55 +0000
Financial institutions sit on a goldmine of sensitive data: corporate financial data, customer data, credit card data, and more. Digital innovations, complex IT processes, accelerated cloud adoption, remote workforces, and a growing reliance on third-party vendors contribute to a challenging risk landscape in banking and financial services. This has resulted in widened attack surfaces and vulnerable networks that are prone to security breaches.
In fact, a 2022 Sophos survey of 444 IT professionals working in the financial services sector revealed that 55% of organizations were hit by ransomware in 2021 – a 62% increase over the previous year.
And it’s not just ransomware. The overall IT environment in financial services has become even more challenging: 55% of organizations reported an increase in attack volume over the last year, 64% reported an increase in attack complexity, and 55% reported an increase in the impact of attacks.
A lot is at stake if the network security or data held by banking and financial services organizations is compromised. Oftentimes, an entire country’s economy can be impacted when a large bank or financial system is involved. Therefore, it becomes critical that access to financial resources is heavily guarded and access privileges are provided to users only as needed to carry out their roles and responsibilities.
A typical enterprise cybersecurity model relies on perimeter-based security. Once authenticated, a user can move laterally and access a broad range of resources within the network, regardless of their role and need for access. This can become a serious vulnerability if the user account is compromised: attackers get free access to financial data repositories and system apps. However, continual authentication and assessment of user identity, device health, and access policies can ensure more effective protection against security breaches in financial institutions.
ZTNA – or zero trust network access – is a game-changer for the financial services sector. It secures remote and hybrid workers, sensitive financial data, and networks and applications by constantly verifying user identity, device health, and access policies before granting access to network resources.
ZTNA eliminates vulnerable VPN clients, integrates device health, and allows granular access to resources defined by policies to give remote workers secure and seamless access to specific applications and data. Remote and external users and their devices are no longer implicitly trusted: they and their devices must earn trust constantly.
ZTNA policy can prevent a compromised device from connecting to applications and data, effectively preventing lateral movement and attacks like ransomware from getting a foothold on banking and financial services networks.
With Sophos ZTNA, you get the added benefit of a single-agent, single-console, single-vendor solution for both ZTNA and your next-gen endpoint protection. Sophos ZTNA uniquely integrates with Sophos Intercept X to constantly share status and health information with each other to automatically isolate compromised systems and prevent threats from moving or stealing data.
Sophos ZTNA removes implicit trust in your financial institution’s applications, users, and devices and allows segmented access to your systems and resources to just those who need it. Learn more at Sophos.com/ZTNA.