Windows 10: Securing the future of the finance industry
Upon his capture in 1934, the infamous Willie Sutton was asked by FBI agents why he robbed banks. He simply replied “Because that’s where the money is.” Since then, security threats to financial services organisations have evolved through many disturbing trends. Unlike Sutton who actively sought notoriety, today’s cyber criminals tend to operate in clandestine organisations, often using areas of the internet that can’t be reached by regular search engines. Accessing this hidden network known as the dark web requires specific tools that make visitors virtually untraceable.
A study by RAND Corporation’s National Security and Research Division1 describes the dark web as the “playground of financially-driven, highly organised and sophisticated groups,” and claims that “this black market for stolen data can be even more profitable than the illegal drug trade.” But such criminal activity has a high price for the victims. The average total cost for a single data breach is $3.8 million2. Then you need to factor in damage to corporate reputation, loss of customers and business interruption.
In addition, Symantec discovered more than 430 million new pieces of malware in 2015, up 36 percent from the previous year3. Perhaps what’s most frightening is that these figures no longer shock us. Cybercrime has become part of daily life and attacks are reported with such regularity that we’re numb to the sheer volume of threats.
Financial institutions need a new approach to cyber-security
The traditional protect and recover strategy assumes that if a financial organisation is adequately protected, it will never be breached. But as we regularly see on the news, no business is immune. While cyber-attacks continue evolving and become increasingly sophisticated, financial institutions are under mounting pressure. If your organisation is in the crosshairs, it’s not a question of whether the attackers can access your network, it’s a question of how quickly they’ll infiltrate.
Financial institutions fully appreciate that yesterday’s defences won’t stop tomorrow’s attacks. Yet there remains an inherent conservatism across the industry whereby institutions need rock solid reasons to transform – such as Windows 10, which is by far the most secure Windows product to date. Introducing huge advancements in security and identity protection, it’s specifically designed to combat the rapidly evolving world of cyber security.
New Windows 10 security features provide powerful protection
In 2014, a Milwaukee, Wisconsin-based cybersecurity firm uncovered an estimated 1.2 billion stolen internet userids and passwords amassed by a Russian crime syndicate from a series of attacks on 420,000 websites4.
Single points of verification no longer have a place in cyber-secure organisations. Even if your employees replace their ‘favourite pet’ and ‘first child’s name’ passwords with unique alternatives, savvy hackers will still be able to exploit them. So it’s time to say goodbye to passwords with Windows Hello, which dramatically reduces cost while improving security by enabling simple and integrated log-in via face recognition or fingerprint scanning.
A new approach to certificate-based authentication that supports many multi-factor credential options and reduces implementation and deployment complexity. Windows Hello provides solid two-factor authentication and simplicity for end users. When your employees need to provide more than one factor to access their data, it’s more difficult to impersonate them. A stolen password on its own is no longer enough to gain access, and without the additional physical element, a cybercriminal will be further challenged. If your organisation is using an outdated operating system such as Windows 7, without two-factor authentication, you are leaving your network vulnerable to potential data breaches that can easily be avoided.
Secure Boot and Trusted Boot
Secure Boot prevents malicious software applications and unauthorised operating systems from loading during the system start-up process. When Secure Boot verifies that the bootloader is trusted and starts Windows, Trusted Boot protects the rest of the startup process by verifying that all Windows startup components are trustworthy and have integrity.
Device Guard allows IT departments to govern what runs on a device using technology proven at mass-market scale on the Xbox One. Apps need to be explicitly signed by a trusted authority before they can be run on a Device Guard-enabled device.
Enterprise Data Protection
EDP enables automatic encryption of corporate apps, data, email, website content and other sensitive information as it arrives on the device from corporate network locations. Rather than requiring employees to switch between personal and work containers and apps, EDP offers a better user experience, separating and protecting enterprise apps and data across both company and personal devices without requiring changes in environments or applications.
Data on a lost or stolen computer is vulnerable to unauthorised access. BitLocker helps mitigate unauthorised data access by enhancing file and system protections. It also helps render data inaccessible when BitLocker-protected computers are decommissioned or recycled.
One of the key security features available with Windows 10, Credential Guard provides protection against the hacking of domain credentials to prevent hackers from taking over your enterprise networks.
Now your employees can secure their own devices and better understand the protections they have in place. With the Windows Defender Security Center, it’s easy to view and control the security features protecting a Windows 10 device.
Windows Defender Advanced Threat Protection
Windows Defender ATP is a new service enabling enterprises to detect, investigate, and respond to advanced attacks on their networks. It adds a new ‘post-breach’ layer of protection to the Windows 10 security stack. Combining client technology with cloud-based analytics, Windows Defender ATP can detect attackers and threats that have evaded other defences. This will help you to investigate the potential scope of breach using relevant Threat Intelligence and response recommendations.
So long as the Willie Suttons of the digital age target financial organisations, you must continue to strengthen your security services. Making sure your business is using an up-to-date security-focused operating system like Windows 10 makes it significantly more challenging for attackers.
1 RAND – Markets for Cybercrime: Tools and Stolen Data http://www.rand.org/content/dam/rand/pubs/research_reports/RR600/RR610/RAND_RR610.pdf
2 The Ponemon Institute – 2015 Cost of Data Breach Study http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEW03055USEN
3 Symantec Internet Security Threat Report, April 2016 https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf
4 New York Times – Russian Hackers Amass Over a Billion Internet Passwords https://www.nytimes.com/2014/08/06/technology/russian-gang-said-to-amass-more-than-a-billion-stolen-internet-credentials.html?_r=0