Third of UK Finance Logins Risk Client Data

Many industry personnel are not assigned unique login and password details resulting in the risk of customer's personal and financial data. Thirty seven percent of finance personnel don't possess unique user logins leaving their organisation open to insider trading.

A new research report from IS Decisions, ‘Financial services: access security compliance', shows that over one quarter (26 percent) of finance personnel are not required to log on to their company's network to access information even though it is a requirement of basically all rules that surround security.
Even though the FCA is in favour of new employees having access to training on financial crime risks, half of personnel did not receive the training when they began working for their organisations. An alarming 37 percent of businesses provided continuing training sessions to adhere to a decent level of security education regardless of UK compliance requirements.

Seventy six percent of employees can log in to multiple machines at the same time. The research also showed that almost half (48 percent) of organisations don't immediately rescind access by an employee when they leave the company.  This leaves the opportunity for ex-employees to steal sensitive company information.

François Amigorena, CEO of IS Decisions said: “Sensitive information should be restricted to only those who need it in order to minimise any risk of a breach or possible misuse. Identifying and implementing access control policies are requirements of the financial regulators, but it seems many UK financial organisations are not compliant with these security basics.”

SC Magazine: http://bit.ly/1mjU3gI

« Email Data Breaches: The Threat Keeps Giving
Bitcoin's Forked: Chief Scientist Launches Alternative »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ClearedJobs.Net

ClearedJobs.Net

ClearedJobs.Net is a career site and job fair company for professionals seeking careers in the defense, intelligence and cyber security communities.

INSUREtrust

INSUREtrust

INSUREtrust is a pioneer in the industry, inventing the concept of cyber insurance.

Guardian360

Guardian360

The Guardian360 platform offers unrivalled insight into the security of your applications and IT infrastructure.

Robert Bosch Centre for Cyber-Physical Systems (RBCCPS)

Robert Bosch Centre for Cyber-Physical Systems (RBCCPS)

RBCCPS is an interdisciplinary research and academic centre within the Indian Institute of Science focused on research in cyber-physical systems.

AppViewX

AppViewX

AppViewX is a global leader in the management, automation and orchestration of network services in data centers.

Intraprise Health

Intraprise Health

Intraprise Health is a Certified HITRUST Assessor and award-winning provider of health information security products and services.

Plug and Play Tech Center

Plug and Play Tech Center

Plug and Play is the ultimate innovation platform, bringing together the best startups and the world’s largest corporations.

CyberSat Summit

CyberSat Summit

CyberSat is dedicated to fostering the necessary discussions to flesh out and develop solutions to cyber threats in the satellite industry.

Cyber Security Cloud (CSC)

Cyber Security Cloud (CSC)

Cyber Security Cloud provides web application security services worldwide using world's leading cyber threat intelligence and AI technology.

GateKeeper Enterprise

GateKeeper Enterprise

The GateKeeper Enterprise software is an identity access management solution. Automated proximity-based authentication into computers and websites. Passwordless login and auto-lock PCs.

Data Priva

Data Priva

Data Priva is the UK's leading subscription-based data protection, governance, risk and and compliance service.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

RKVST

RKVST

RKVST is a powerful tool that builds trust in multi-party processes when it’s critical to have high assurance in data for confident decisions.

The CyberWire

The CyberWire

The CyberWire gets people up to speed on cyber quickly and keeps them a step ahead in a continually changing industry.

CommandK

CommandK

CommandK provides companies with infrastructure to protect their sensitive data. Built-in solutions to prevent data-leaks and simplify governance.

VeriBOM

VeriBOM

VeriBOM is a SaaS security and compliance platform that helps protect you and your customers through automation, documentation, and transparency for every software application you build or run.