Security vulnerabilities at financial organisations are on the up as companies in the sector offer online access to their customers, according to security testing and consultancy NTA Monitor.
Tests on financial organisations have revealed the vulnerabilities raised 20% compared to the same study last year, according to NTA Monitor’s 2007 Annual Security Report.
This is in contrast to the majority of sectors that have improved.
Roy Hills, technical director at NTA Monitor, said one factor to consider is the growth in online business.
“Financial organisations are one of the frontrunners in terms of online activity. They are being pushed more and more to open themselves up to the public by offering more online services or by allowing customers to access their personal financial data.
"Whilst this extra accessibility is of benefit to many customers, at the same time it can increase the exposure to external attacks.”
NTA Monitor recommends that companies in all sectors apply the following recommendations to raise awareness and minimise their exposure to IT security risks:
- Ensure that SSL certificates are always renewed when they expire
- If using Apache web servers, change the default settings to guard against Denial of Service attacks
- Stay up to date on the latest vulnerabilities and apply patches and updates as soon as they become available
- Allocate sufficient management time, focus and control to ensure that preventative actions are carried out on an ongoing basis
- Involve and educate staff on internet security issues
- Have a clear and up to date security policy. Publicise and update it regularly