Security vulnerabilities at financial organisations are
on the up as companies in the sector offer online access to their
customers, according to security testing and consultancy NTA
Monitor.
Tests on financial organisations have revealed the
vulnerabilities raised 20% compared to the same study last year,
according to
NTA Monitor’s 2007 Annual Security Report.
This is in contrast to the majority of sectors that have
improved.
Roy Hills, technical director at NTA Monitor, said one factor to
consider is the growth in online business.
“Financial organisations are one of the frontrunners in terms of
online activity. They are being pushed more and more to open
themselves up to the public by offering more online services or by
allowing customers to access their personal financial data.
"Whilst this extra accessibility is of benefit to many
customers, at the same time it can increase the exposure to
external attacks.”
NTA Monitor recommends that companies in all sectors apply the
following recommendations to raise awareness and minimise their
exposure to IT security risks:
- Ensure that SSL certificates are always renewed when they
expire
- If using Apache web servers, change the default settings to
guard against Denial of Service attacks
- Stay up to date on the latest vulnerabilities and apply patches
and updates as soon as they become available
- Allocate sufficient management time, focus and control to
ensure that preventative actions are carried out on an ongoing
basis
- Involve and educate staff on internet security issues
- Have a clear and up to date security policy. Publicise and
update it regularly
Security improving at UK organisations >>
Businesses ignore security fears in pursuit of e-commerce
>>
Banks invest to meet rising demand for online services
>>
IT accounts for 50% of EU productivity growth >>
David Lacey’s
security blog >>
Comment on this article: e-mail
computer.weekly@rbi.co.uk