You are here

Banking and Financial Sector

The use of InfoWatch solutions provides banks and financial organizations with confidence that their valuable and confidential data is secure, awareness and system-wide understanding of all of the organization's internal and external information flows, and a reduction in business risks.

Leak of banking secrets = financial damage to the business

Information leak Risk Damage
Internal bank regulations
  • danger of theft and fraud
Clients' personal data
  • clients leave due to disclosure of personal data
  • legal proceedings brought by clients under federal law
  • checks carried out by regulatory authorities

Information about services offered to VIP clients
  • loss of special clients

Plans to introduce a new product to market
  • competitor launches new product more quickly
Financial information
  • reduction in ability to attract investment
  • close attention from auditors

Information about agents, partners and terms of collaboration
  • competitor offers more profitable terms

Long-term plans for a company's development can only be built where there is confidence in the security of current decision-making. An organization's development strategy, information about planned mergers and acquisitions, the results of general shareholders' meetings, decrees, resolutions issued by the bank's chairman of the board, the results of market research, information about the development of a new brand, new banking products and services – all of these are valuable information assets, the loss of which can have a significant impact on the business.

With InfoWatch solutions, it is possible to reliably protect confidential information assets from unauthorized access and leaks outside the organization.

It has been shown that the majority of cases of armed attacks on cash transportation teams are carefully planned, and the key figures who provide assistance and supply information to the criminals are bank employees. Information about the routes and schedules used by cash transportation teams, their composition and the sums of money being collected, and the service schedules of the bank's software and technical measures can play a key role in the preparation of such crimes. The challenge for managers responsible for security is to limit the number of employees who have access to such information and to carefully monitor its distribution.

InfoWatch solutions allow you to determine user access rights to documents and external devices, to monitor their use and to analyze and filter traffic. Furthermore, InfoWatch solutions enable you to monitor the transfer of sensitive information, monitor internal dataflow, monitor the distribution of corporate information, help to track irresponsible behavior by employees working with confidential information and identify those involved in espionage. All of this allows you to minimize the risk of leaks of valuable data, which could incur substantial financial losses for the company.

The classification of data in banking institutions remains quite a difficult problem. The issue lies in the fact that large volumes of data are constantly being transmitted over the corporate network, and with each year it grows increasingly difficult to track the nature of the information: where it has come from, who is receiving it and whether those employees are permitted to use this information.

Once an organization has introduced automated categorization of information, they will have a clear and transparent picture of information flows, on the basis of which it is easy to optimize existing business processes and ensure that unauthorized users do not have access to information, by applying a security policy that takes into account all the nuances of the organization's operations.

Unlike many other sectors of the economy, the banking industry is obliged to comply with a large number of legal requirements and regulatory standards. Failing to comply with regulatory requirements can lead to major risks for financial institutions, up to and including a review of their banking, brokerage and dealer licenses.

Current standards for the banking industry:

  • Basel III
  • Payment Card Industry Data Security Standard (PCI DSS)
  • ISO 27001

Compliance with standards is achieved through monitoring flows of information that contain confidential data, ensuring a high level of security for personal data, guaranteeing the security of payment systems (mostly acquiring systems) and other confidential information that relates to payment systems in financial institution processing centers.

In the recent years many laws on counteracting the illegal use of insider information and market manipulation' have been in force in all over the world.

The laws provide for the prosecution, under administrative and criminal procedures, of those who make illegal use of insider information.

Those in the industry can fulfill the requirements of the law, including the adoption of every possible measure to prevent and identify instances of illegal use of insider information, by using InfoWatch's technology solutions.

These solutions help information security departments to monitor the distribution of data containing the following information:

  • state registration of a securities issue by a credit organization, information regarding the suspension of a securities issue;
  • information regarding the refusal of state registration for a report on a securities issue;
  • any other insider information

A bank's market position depends to a large extent on its reputation, one of its key non-material assets.

In today's world, corporate reputations are to a large extent established on the Internet, where a huge amount of information about a company is regularly posted by a variety of different sources. This information includes not only specially-distributed PR, but also client reviews of their interactions with the bank, overviews, comparisons and ratings on thematic sites, including those compiled on the basis of information supplied by competitors, etc. In the absence of a security system, internal information not intended for public access can also appear on the Internet.

Only constant monitoring of Internet sites will enable you to identify in real-time information that represents a threat to your company's corporate reputation and to take the necessary measures to mitigate the damage. InfoWatch offers a specialized toolset for this task.

InfoWatch Solutions for the Banking and Financial Sector

InfoWatch's many years of experience in working with leading financial companies have enabled it to create a solution that takes full account of the specific nature and challenges faced by the industry. In particular, a Content Filtering Database (CFD) for Banks, which is constantly updated, has been created, providing the highest levels of efficiency in detecting confidential information sent outside the bank.

The CFD for Banks contains a rich selection of terms and phrases specific to the day-to-day operations of Russian and foreign banking departments. During its creation, both internal security policies operated by financial institutions and regulatory acts, standards and recommendations for working with confidential information were taken into account. As such, the use of the CFD for Banks will not only help banks to protect data from negligent employees or insider activity, but also to comply with legislative requirements.

InfoWatch tracks changes in the processes and standards used by the banking industry and regularly issues updates to the CFD for Banks, adding content that will help to identify the latest and most sophisticated attempts at unauthorized distribution of confidential information.

The 'Templates Analyzer' technology used in InfoWatch Traffic Monitor is designed to detect alphanumeric characters in data templates and enables highly effective identification of instances where personal data or financial information is being forwarded. Moreover, this technology can be used as a secondary means of identifying instances of unauthorized transfer of internal documents containing formalized data laid out according to a specific template (for example, contracts or accounts in the case of detection of banking credentials, classifier codes, etc). The solution comes with a selection of predefined text templates that may be used as the basis for the creation of a security policy. The list includes:

  • credit card numbers;
  • passport numbers;
  • telephone numbers;
  • email addresses;
  • bank identification codes (SWIFT);
  • international securities identification codes;
  • National classification codes, etc

More about InfoWatch technologies

Solutions are based on the following products:

A software solution (DLP system) designed to monitor information flows and protect confidential information from leaks and unauthorized distribution.

A software product providing information security for workstations, removable media and mobile devices, designed for quick deployment and ease of management.

A software product offering automated audit of source code in customized business applications to detect vulnerabilities and implants.