Opinion: 7 tech realities on banks’ minds

This year brought many challenges in the banking industry, including fluctuating trends, market competition, stringent compliance demands and ever-increasing security risks. There is no doubt the information technology landscape for banks is in a state of flux in Missouri.

Yet even with this change, the banking IT sector is one of the fastest growing industries in the United States – expected to grow by nearly 17 percent by 2021, according to technology industry researchers at Pierre Audoin Consultants.

This healthy growth is due primarily to security and compliance needs, but other factors come into play as well.

1. Local IT is not a requirement. Banks are waking up to the fact that local does not mean better. In a landscape of daunting regulations, and with the weight of cyber liability taken into account, banks are looking for dedicated IT partners that know and understand the banking industry to the core. Additionally, the depth of expertise – from basic help desk and advanced security logging and analysis to policy management – allows companies to provide services that a small IT shop cannot offer.

2. Security policies are not enough. Banks have traditionally done well implementing security policies, but the threat landscape has enlarged so much that banks are now adding ongoing security training along with simulated security attacks to test their staff’s comprehension of security policies and guidelines.

3. Backup and disaster recovery plans are being overhauled. With increased economic and political tensions, as well as an increase in natural disasters, banks are waking up to the fact that their backup and disaster recovery plans need updating. New plans are taking into account a wider array of emergency scenarios, such as security breaches, phishing attacks, failure of IT systems, loss or incapacitation of IT personnel and natural disasters. There is also greater attention being paid to documenting IT systems and putting in place continuity plans to ensure uptime should a disaster occur.

4. Policy management needs help. The days of it being sufficient to simply put a policy on paper and then pass out a copy to all employees are long gone. Polices are updated on an ongoing basis; even an annual update is no longer adequate. With the increased liability on banks to ensure that their systems and data are secure, banks are moving toward policy management systems, outsourcing services to providers who can assist compliance officers in executing policies and documenting who has acknowledged those policies.

5. Security event logging is a necessity. Bank networks are being attacked constantly. Criminals are consistently probing for weaknesses and vulnerabilities that will let them into a network. There are specialized systems that track every attempted attack and look for abnormalities that may signal that an attack has occurred or is in progress. These programs watch for both internal and external risks.

6. The IT guy needs backup. Banks that have internal IT staff – or those that use small, local providers – are realizing some form of redundancy or backup is needed. As uncomfortable as it is to discuss, the sudden death or extended illness of an institution’s IT resource can have a massive effect on the bank’s ability to operate. IT companies are now providing a service with password management, documentation management, basic monitoring and reporting. It’s designed around augmenting an institution’s regular IT plan and providing a “knowledge backup” of systems and security.

7. Still anxious about the cloud. Banks are still anxious about cloud computing and the process of moving their systems to the cloud. This is no doubt due to valid concerns about the cloud, and banks are realizing they must go through a proper and thorough cloud readiness assessment to understand if they are ready to make that plunge.

Todd Nielsen is chief strategy officer for JMark Business Solutions Inc. in Springfield. He can be reached at tnielsen@jmark.com.