A Measured Approach

The Sheer Importance of Securing Banks Requires a Multifaceted, Proactive Approach

• By Bill Wayland
• Feb 01, 2020

The threat landscape continues to evolve for every business. But banks and financial services companies face especially urgent demands – from aging infrastructure, outdated technologies, and the skyrocketing cost of brick and mortar locations, to cyber-attacks, fraud and changing federal and state regulations. Adding to these challenges is a shift in how consumers want to interact with their bank today and the need for financial institutions to differentiate their organizations. The obstacles may seem daunting, if not completely overwhelming, at times.

A logical first step to better understand how these risks may affect your business is to conduct a thorough risk assessment. This risk assessment can help pave the way to help ensure your assets are protected while also helping improve your client’s interaction, satisfaction and overall customer experience.

Aging Infrastructure and Outdated Technologies

Looming large on the horizon is the fast-approaching sunsetting of Microsoft Windows 7. Most, if not all ATMs are built on the Windows 7 platform and come January 2020, organizations that have not already upgraded or secured a service contract to upgrade at a future time, could face potentially serious risks.

After January, Microsoft will no longer support Windows 7, including issuing future security patches, security updates, nonsecurity hotfixes, free or paid support options or online technical content updates supported by Microsoft. For those financial institutions that will continue to run Windows 7 on their ATMs, they have the option of purchasing an Extended Security Update (ESU) that will provide support through January 2021.

The ESU program will include security updates deemed “critical” or “important” for the ATMs. Without purchasing an ESU for ATMs or upgrading to Windows 10, organizations that experience a breach to their networks after that time could be liable for any losses the consumer may experience.

The upgrade requires a new “PC core” and a software upgrade, but financial institutions may want to consider taking that a step further to include third-party monitoring and servicing of the ATM. With internal IT and security resources stretched thin, outsourcing the service, maintenance and monitoring of ATMs to a Managed Service Provider (MSP) may make sense for some organizations.

These services can help to ensure that the latest security patches are installed as they become available. Real-time monitoring for trouble signals can help avoid downed machines and the lost revenue that could result, and can also potentially send an alert when an illegal act such as tampering, installing skimming devices or even jackpotting incidents occur.

of your current security and life safety solutions? Chances are, if your current solutions have been in place for more than five years, they are outdated and less effective at protecting against today’s threat landscape. Do you still have wired or analog cameras watching your facilities or outdated access control solutions that still rely on easily duplicated magnetic stripe cards?

These may be areas of concern to prioritize new solutions. As cyber threats continue to increase, implementing a remotelymonitored, security-only network may also be an option to add as an extra layer of separation between your business-critical data and the security products that may reside on your main network.

While completely swapping out your existing technologies or adding a new network are probably not economically feasible improvements to tackle all at once, working with a qualified security integrator can help you to design a roadmap and budget for future enhancements.

Bigger No Longer Means Better

Until the financial crisis in 2007, a retail bank’s total share of deposits was tightly linked to the size of its branch network. Over the past decade, this relationship between deposit growth and branch density has weakened. Deposits at the 25 largest US retail banks have doubled over the past decade, while their combined branch footprint shrank by 15 percent over the same period.

However, a recent study conducted by Value Partners and Fiserv, US Bank reported that while 60 percent of traditional transactions, like deposits, are digital – 80 percent of sales activities still occur at the branch, making an argument that both channels are still viable options for today’s consumer.

A contributing factor when deciding the best channel to serve a customer may lie, in part, on the cost. A 2012 study published in the Wall Street Journal reported that each in-person interaction with a bank teller costs the business $4, compared with $0.17 for digital financial transactions and $0.70 for ATM.

So, it seems the answer may lie somewhere in between brick and mortar locations and mobile or online activity, or maybe a combination of both with Interactive Teller Machines (ITMs) or a “Branch in a Box” approach. While certainly not the solution for every bank, these are becoming more viable options in lieu of expensive new branch construction, by still providing access to additional remote locations and expanding access to tellers.

When considering future growth strategies for your operations, ITMs may play an important role in your planning. Join forces with an organization that not only has a dedicated team with hands-on experience implementing ATM technologies and newer ITM solutions, but has the capability to bring all your fire, life safety and security systems together.

Giving and Getting Customer Service Excellence

Standing out in a crowded competitive environment is hard to do as more banks and financial service organizations merge and the industry consolidates down. As discussed earlier, catering to the fickle demands of today’s varied consumer can be tricky, from the digital millennial to the traditionalist who wants human interaction at the brick and mortar location.

They all have one thing in common: The expectation that they deserve and will receive the highest level of customer service. As part of their customer experience, they expect the ATM they visit to be up and running, the branch they visit safe and secure and the mobile app experience to be streamlined and flawless.

To help you meet the increasing demands your customers place on your organization for an exceptional customer experience and perhaps give you a little competitive edge, you should ensure that your technology is fully functional and available to the public. Here are a few tips when selecting or dealing with a systems integrator to help you meet your customers’ expectations.

First, select a systems integrator that is experienced in serving the banking and financial services community and is up-to-date on the changing rules and regulations that govern the industry. An organization that has dedicated team members calling on the market segment is ideal.

1. When engaging the systems integrator, identify and agree upon service protocols in advance such as response and dispatch times. Does your provider have a monitoring best practices procedure in place?

2. Develop a team approach to meeting your security and operational needs with your systems integrator. The team should include sales, project management, service and operations to work hand-in-hand to keep everyone abreast of job status.

3. Apply a consultative approach with your provider, where they keep you informed on the latest technologies on the market and how they could potentially enhance your security portfolio.

4. Look for a systems integrator that goes beyond selling and installing hardware in your facility. Your provider should be a true partner in the ongoing performance of your solutions by offering preventative maintenance, inspection and testing services. Some integrators can even monitor and service ATM systems for situations such as low printer paper.

When moving to ITM solutions, employing a partner that can address the network and video components of these systems is critical to customer satisfaction. Working with a trusted professional partner can help give you a competitive edge in the crowded financial services market by helping to identify risk at your facilities and offering insight on the right solutions. They can also provide those additional services to help ensure that the cash handling side of your business is running at peak performance.

A reliable integrator can offer professional installation, maintenance, monitoring and testing to ensure systems are up to code, all while making sure your tried-and-true life safety systems can work with new innovations and advanced technologies.

This article originally appeared in the January / February 2020 issue of Security Today.