Endpoint Vulnerabilities Driving Bank Security
Posted by Oksana Poltavets on Apr 05 2007 09:36:20 PDT
Financial institutions are living on the edge.
After focusing most of their resources on securing the core of their technical infrastructure, banks are now concentrating on protecting specific data at network endpoints, said Andrew Toner, principal at PricewaterhouseCoopers LLP, an accounting firm based in New York.
“Banks have gotten good at spam filtering and pop-up blocking,” Toner said. “The need to secure specific data is what’s driving a lot of security [decisions] now.”
The No. 1 perceived threat to sensitive data, both employees’ and customers’, is that information can simply walk out the door, he said. Employing endpoint security measures could prevent intentional or unknowing data leaks and a potential public relations and regulatory nightmare.
“The buzzwords are ‘data protection’,” said Ram Krishnan, senior vice president of products and marketing at GuardianEdge Technologies Inc., a vendor based in San Francisco.
Last month, the company released the Data Protection Platform for enterprises needing to manage the protection of information on endpoint devices, such as disk drives and removable devices.
“About a year ago, we had to sell the virtues of endpoint security products to our clients,” Krishnan said. “Now, all the financial institutions understand the virtues of this.”
The GuardianEdge solution combines three products — Hard Disk Encryption, Removable Storage Encryption, and Device Control — to offer clients a way to manage access and security on devices.
This week, Promisec Ltd. announced software that centrally monitors endpoint behavior and policy compliance, such as detection of disallowed applications on servers and desktops.
“Banks are starting to ask for a unified solution,” Krishnan said. “They need a way to track data and protect data in motion, not just on [data in storage].”
Along with the capability to manage security on endpoint devices from one platform, institutions also want a way to make encryption a standard and not a choice, according to Toner.
Full-disk encryption — a fairly new idea in the U.S. market, Toner said — allows all the information on a device to be encrypted, not just selected documents. When a fully encrypted laptop is lost or stolen, the data on the device is useless.
Last month, drive manufacturer Seagate Technology LLC helped develop laptops with built-in encryption. The laptops — manufactured by Fremont, Calif.-based ASI Computer Technologies Inc. — have a fully encrypted hard drive and require authentication from a user before booting up.
Despite the technological strides, U.S. banks are lagging behind European and Asian institutions when it comes to innovative ways to secure data, according to Hunt.
European banks were pushed to protect their data when they started to expand and move into foreign operations, Hunt said.
In contrast, “U.S. banks are driven by compliance and regulations, and by fear of lawsuits and embarrassment,” he said.