Keeping Automated Systems Secure Within Financial Services Organizations
Intelligent automation systems can play a major role in helping financial services firms keep up with increasingly complex regulations, but keeping these systems secure and protected from cyberattacks is critical.
BY DARSHAN JAIN, VP OF FINANCIAL SERVICES, SS&C BLUE PRISM
Financial services organizations are under pressure to meet an ever-growing and complex framework of international and domestic regulations. The potential consequences of severe breaches have never been higher, with large fines for institutions and the possibility of jail time for individuals. In this environment, intelligent automation (IA) plays an increasingly vital role in helping organizations meet their compliance obligations through the secure oversight of digital workers and tamper-proof audit trails.
Like a human workforce, a digital workforce requires security, oversight and governance, especially in highly regulated industries such as financial services where regulatory compliance is critical. Strict controls on how digital workers are configured, managed and approved should be implemented not only to enable easier compliance with regulatory frameworks but also to guard against the (very small) chance of misuse of digital workers by malicious employees. Building a secure environment for digital workers can reduce the threats of scaled theft/fraud and cyber-attacks such as denial of service, malicious corruption of data and more.
Control, Security and Oversight
To maintain control, security and oversight of an IA initiative, it is essential to understand the technology being used and how it works. Furthermore, it is necessary to have a dedicated team in place that is responsible for managing and monitoring the automation. This team should have a deep understanding of both the business and the technology, and they should be able to work together to ensure that the automation is compliant with all relevant regulations and security best practices.
To enable a secure environment for digital workers, software security features typically feature the following characteristics:
Centrally managed user access control
Role-based access
Multi-actor security, meaning no individual can make changes without secondary approval
Segregation of environments with separate controls governing each
A controlled runtime environment free from interference, casual inspection or tampering
A complete retrospective audit of all activity so accountability and responsibility are fully visible
Deterrent Against Misuse
The last element, an audit trail, is a critical one in preventing abuse and maintaining regulatory compliance.
Every time someone accesses or changes something during a digital break-in, they leave behind a record of their activities. This is the audit trail — a sequence of records that shows, step by step, how a particular transaction has been conducted. By piecing together these records, investigators can build up a picture of what happened and who was responsible during a breach.
This should not be underestimated. Behavioral psychology identifies three key issues driving criminal behavior:
How difficult is the crime to execute (the risk)
How much the criminal stands to gain (the reward)
How likely they are to be caught and prosecuted (more risk)
While a multi-layered security approach can address the first two issues, security does little after the crime is committed. Thus, a secure audit trail can be a powerful disincentive for would-be bad actors who might seek to exploit their familiarity with a bank or insurance company’s digital workforce and its few vulnerabilities.
What to Look for in an Audit Trail
An audit trail should first and foremost be system-generated and resistant to tampering. It should not be possible to delete or tamper with the audit trail, even by a system administrator. If this is possible, then, rightly or wrongly, the system administrator (and anyone else with access to the audit trail) will automatically become an immediate suspect in every irregularity or discrepancy identified. But if the audit trail cannot be deleted or tampered with, it provides an invaluable resource for investigating any irregularities. It can also be used to corroborate other evidence if necessary.
An insecure audit trail is worse than useless because not only would it be possible for people to erase their tracks, but they could also lay down false clues that would further slow down investigations.
Secondly, the audit trail should be centrally maintained and secured. It is crucial to ensure that the audit trail is accessible only to authorized personnel, which may require security measures such as access control lists or encryption.
Third, the audit trail should also be as comprehensive as possible to provide maximum visibility into the system. This may require the logging of all user actions, even those that may appear innocuous at the time. IA can shine here, as digital workers never get bored and never miss a trick. If certain events are not logged, then this may allow irregularities to go undetected or, at the very least, make it more difficult to detect them.
Finally, to detect irregularities, it is vital to have some way to analyze the audit trail. Again, this is precisely where IA can shine, as analysis can be conducted 24 hours a day, in real-time, and any irregularities can be flagged for system administrators to investigate.
Conclusion
Intelligent automation is essential for financial services organizations looking to comply with often-changing regulations. By automating the tasks most vulnerable to human error, such as data entry and record keeping, organizations can reduce the risk of running afoul of compliance regulations while simultaneously building a comprehensive audit trail of all user actions to help prevent and prosecute malicious activity.