Networking is hard. Networking in a regulated environment is harder. Managing the networks for hundreds of security-focused locations simultaneously sounds almost impossible.
Perhaps this is why it is so often left undone altogether at retail banks. Networked computers, machines, and IoT devices are a must for any modern company, but it also opens up security threats. What is a company to do? Stay secure, or get left in the dust?
Here are the primary challenges.
If you have direct connectivity to a required service (printer, scanner), then you are never reliant on the network. If you make these services available over the network, your router might go down, and then you lose the ability to perform these services at the branch. Bank branches cannot lose access to the services they need, so they cannot rely on a network that might go down.
Allowing access to devices and services over the network opens up a branch to many new vulnerabilities. In a year of renewed focus on cybersecurity, this is a larger concern than ever before. If a bad actor gains access to a trusted device inside the branch, with the wrong setup, this enables all sorts of malicious activity. Bank branches cannot allow malicious activity to occur.
It is possible to implement networking that is both reliable and secure. When networking is absolutely required (e.x: ATM’s), banks make sure there are layers of redundancy in place to avoid outages. They also configure the network so that only trusted parties have access. This requires a big investment of time and resources.
To build a flexible, modern system, you must have a flexible network, but banks cannot often afford the risk involved. In collaboration with
, we outline these issues and a potential solution in mesh VPNs.
Tom is currently VP of Solution Architecture for banking at Mphasis. Tom has 30+ years of experience in financial services technology leadership roles with expertise in core banking systems, mobile/on-line banking, teller & ATM channels.
You can check out the white paper here.