With their perimeters largely secured--though under constant probing for weakness--financial services firms are focusing on internal security by improving controls on what employees can do and enhancing the security of connections for staff and customers when they cross the firewalls to access information.
"Keeping the environment secure is somewhat done," says Mark Nicholson, COO of information security consultancy Vigilant. "We are seeing a shift from looking at somebody hacking in or a denial-of-service attack--when outsiders flood servers with so much traffic they crash the Web site--to a concern with fraudulent transactions from people on the inside doing bad things or outsiders gaining credentials to operate inside."
|
