Securing sensitive financial data is already difficult for financial services firms due to complex IT infrastructures and the growing frequency of cyber threats. And it is expected to become even more challenging in the coming years as banks and financial institutions expand their use of third-party contractors and consultants to drive efficiencies and cost savings that can come from supplementing the work already being done by full-time employees.
Yet, a recent study by the Financial Services Information Sharing and Analysis Center (FS-ISAC) found third-party risk to be among the top cyber threats facing financial institutions in 2022, along with zero-day threats and ransomware¹. Further, in the Modern Bank Heists 5.0 report, published in April 2022 by VMware Carbon Black, 87% of financial institutions reported being concerned with the security of shared services providers².
Billions being spent on compliance
With this increase in third-party risk comes a desire by financial services firms to expand their investments in IT security and compliance. The most recent LexisNexis Risk Solutions report found that global spending on financial crime compliance at financial institutions reached $213.9 billion in 2021³.
This number is expected to grow substantially in the coming years as according to the Modern Bank Heists 5.0 report. Seven out of 10 financial institutions interviewed by VMware aren’t currently spending more than 12% of their overall IT budget on security, while the majority of those surveyed plan to increase their budget by 20% to 30% in 20224.
Disruption is shaping how banks respond to cyber threats
Today’s financial institutions face a perfect storm of rising costs, complex risks and growing regulatory pressures. The disruption of the past few years has created opportunity for cybercriminal and evolving financial services regulations have made compliance more challenging.
With many banks having spent the last two years accelerating their digital transformation in response to the shift to hybrid work and remote work scenarios, these same financial institutions are evaluating how they address cyber threats.
What if there were a solution that provided a secure way for financial services organizations like banks, credit unions, and fintechs, for example, to work safely with an “anywhere” workforce that includes employees, contractors and third-party service providers?
This may sound futuristic, but the fact is there is such a solution today and it is called the Tehama Carrier for Work™.
An innovative solution for removing the risk of hybrid work
The Tehama Carrier for For Work™ is an innovative and disruptive solution that can help financial services organizations and remove the risk associated with hybrid work.
With the Tehama Carrier for Work™, banks and financial institutions benefit from:
Governance and Compliance.
Tehama has more than 80 built-in SOC 2 Type II controls, making it easy to meet regulatory requirements such as FINRA, PIPEDA, OSFI, NYDFS 23, and NYCRR 500. Every Tehama session is logged and recorded, so auditors and risk managers can ensure all compliance requirements are met.
Every Tehama session from every worker is perfectly witnessed in real-time and recorded for playback and auditing. Everything done in the Workroom is logged to protect the financial institution and in the case of contractors, the third-party organization.
Eliminating VPN Risk.
Tehama isolates endpoint devices and eliminates VPN risks by providing a virtual extension (Workroom) of the enterprise. In a Tehama Workroom, workers can securely collaborate and deliver services to only the enterprise applications on-premises or to the cloud-based Workroom it has authorized them to access.
Strong Identity Control and Policy Enforcement.
Before a global worker is permitted to enter a Workroom, they must complete an approval process that enforces policies such as nationality, OSFI, legal clearances, GDPR or any other policies the financial institution wishes to enforce. Once workers are approved, they must use MFA (multi-factor authentication) to enter the Workroom. There, they start work on a Windows or Linux desktop image that is already loaded with all the software products authorized by the Workroom Manager.
Encrypting All Communication.
Everything that happens in the Tehama Workroom is encrypted, as is all the communication between the Tehama platform and the financial services infrastructure. This completely eliminates the need for untrustworthy and expensive VPN connections and hardware.
To learn more about how the Tehama Carrier for Work™ offers an innovative, and secure way for financial services companies to deploy a hybrid workforce including third-party contractors and suppliers, click here or contact our team to learn more or to set up a demo today.