Financial services sector risks data security breaches with insecure instant messaging

As more people in the financial services sector work from home or remotely, the use of free instant messaging apps (such as WhatsApp) is rising to enable remote employees to communicate with their colleagues around the world. However, data from a recent survey commissioned by StarLeaf and conducted by Vanson Bourne has revealed that 78% of IT decision-makers within financial services reported having serious security concerns around the use of such consumer messaging apps.

The survey revealed that instant messaging is overtaking e-mail, with 61% of respondents in the financial services sector stating that it’s the most effective way in which to communicate with remote colleagues, compared to 58% for e-mail.

Instant messaging can offer high speeds of communication and fast decision-making, which can be crucial in the financial sector when it comes to remaining ahead of the competition and driving higher profits.

The transition from e-mail to instant messaging is further reflected in the survey, with 52% of financial services respondents reporting an increase in the use of free messaging apps.

However, while instant messaging is becoming increasingly popular within the financial services industry, organisations are also expressing concerns about the security of these free apps. In fact, 85% of respondents reported that the security of their instant messaging apps could be improved.

These concerns reflect the potential for free messaging apps to undermine corporate network security, opening up financial services organisations to data breaches and providing a point of entry for malicious hackers looking to disrupt business operations and steal customer data.

Security “must be a priority”

As corporate networks have grown in complexity, and data breaches can occur from something as simple as sending an e-mail to the wrong person, financial organisations must ensure that security is a priority.

Commenting on the survey findings, William MacDonald (CTO at StarLeaf) said: “Data security and protection has never been more crucial within the financial industry. With consistent news coverage of cyber attacks, it’ vital for finance firms to remain compliant under the terms of the EU’s General Data Protection Regulation. We’ve already seen high-profile cases this year where High Street banks have been hacked and lost sensitive information. It has never been more important for financial services organisations to tighten their internal processes for data sharing and to ensure data transmission is secure so that customer and commercial details don’t fall into the wrong hands.”

MacDonald continued: “Financial organisations should engage with vendors that prioritise security and develop their instant messaging solutions in-house, as well as fully own their technology architecture and Data Centres. Cloud-based solutions are intelligently engineered to allow enterprise users to reliably and securely connect, communicate and collaborate more efficiently. This allows organisations to choose the jurisdiction of their data so that they know that data remains within their control and cannot be accessed by third parties.”

In conclusion, MacDonald explained: “Instant messaging is a growing part of our culture of communication, but financial sector organisations must adopt the right solutions to minimise risk and protect users’ data. Secure messaging engineered for the enterprise enables a more mobilised workforce to meet and message more effectively, as well as retain customer trust.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts