When it comes to IT security, different industries often have different requirements. This is a result of regulatory compliance. Regulations and laws hold major influence over how security is enforced in each industry and sector. Publicly traded IT security vendors have observed that a disproportionate amount of their revenue has been generated from sectors that face stricter regulatory compliance, such as the financial services industry.
Financial services firms are often a massive target for cyber attacks and hackers, due to the fact that they store copious amounts of highly valuable and sensitive information. Apart from the fact that financial institutions are frequently targeted, a majority of financial services firms have to deal with issues that other organisations in other industries may not have to face. One such example is latency, which is a particularly big issue for trading applications. In addition, there is the issue of privacy as well as the fact that many financial services companies have a vast distribution of networks that span across countries and states with countless branch offices and outlets.
In today’s era of digital business and marketing, many financial services firms have begun to look at cloud computing. However, many of them have to deal with existing legacy identity and access management[(IAM) systems such as client-facing applications that are outdated and cannot be migrated towards the cloud. The hybrid IT environment is thus a result of the fact that financial services organisations are utilising both on-premises resources as well as cloud-based systems and software. This means that an IAM solution must be able to account for both on-premises infrastructure as well as those in the cloud, ideally doing so with a common management interface that can help to alleviate “console fatigue” and using a consistent set of policies that can be rolled out for both on-premises and cloud-based infrastructure.
Financial institutions must also deal with a diverse set of end users. Employee IAM is not enough to manage the various kinds of identities that are a result of banks enlisting the services of outsourcers, external vendors and contract employers. Furthermore, banks and financial services providers typically use customer-facing applications. As part of digitalised interactions, customers desire and expect an end user experience that is seamless and secured. Financial institutions must therefore take into account the capabilities of their adopted IAM solution (given the fact that customer IAM is drastically different from the typical enterprise IAM) so as to meet the unpredictable demands of consumers and other business partners.
Thus a robust IAM solution should ideally be broad enough to support each of these needs and be able to adapt to new requirements as they emerge, with a single view that allows for centralized management. Lastly, most financial services firms require a platform that will enable them to continue to leverage existing on-prem resources, while at the same time allowing them to migrate to the cloud at their own pace without undergoing “forklift” upgrades that can be disruptive to both internal staff as well as customers.