The adoption of cloud-based services are forcing the financial services industry to rethink their approach to security. The growth of cloud and SaaS has accelerated with the consumerisation of information technology, along with the shift to working from home. Users have become comfortable downloading and using apps and services from the cloud to assist them in their work but often without explicit IT departmental approval. In fact, there are 3 to 4 times more SaaS apps in use at a company than the IT department is aware of, on average. This is known as ‘Shadow IT’ and while it can cause headaches for any industry, financial services are open to the biggest threat.
Asset management companies have access to far more sensitive information on individuals than other industries. If the IT team within your company has no visibility or understanding of how to properly secure the software, then issues of security are going to arise. Even the smallest breach in data can cause unforeseen business disruption. Unmanaged security threats that arise from Shadow IT can leave asset managers vulnerable. But it’s not just about bad security and the reputational damage that comes with it. Shadow IT can also cause heavy financial loss.
Risks with Shadow IT
With more and more people working remotely, accessing software that is not directly connected to the core systems of work is becoming commonplace. This makes it both a security challenge and critical risk for the overall business. Without knowing what IT is being used and where it will be difficult to respond efficiently to any cybersecurity issues that may arise.
A lot of unapproved software and services may duplicate the functionality of approved ones, meaning your company spends money inefficiently. How does this impact overall revenue? Business email compromise is one of the most popular ways cyber criminals attack a system. In December 2020, a US-based Asset Wealth Management firm was targeted in an invoice fraud attack that attempted to steal USD 80,000. While it depends on the industry, on average companies spend 3.28% of their revenue on IT, according to a recent study by Deloitte Insights. Banking and securities firms spend the most (7.16%) and construction companies spend the least (1.51%).