Financial Services

Data Encryption and Application Programming in Financial Services

Web API Using Azure

Previously, I outlined the how and why of server and endpoint protection. This blog will discuss the benefits of data encryption and application programming.

Data Encryption

All of a firm’s data should be encrypted both at rest (stored on media) and in flight (in transit on the network). This provides the best protection from a brute-force, unauthorized data access attempt. The current gold standard for encryption is the 256-bit version of the Advanced Encryption Standard (AES256).

Financial Services - It's Time to Focus on Post-Digital Transformation in Banking
It's Time to Focus on Post-Digital Transformation in Banking

Digital transformation challenges in banking have been well understood and the strategies to address them simple and clear. However, it is becoming increasingly apparent that the industry is reaching a tipping point in the digital transformation journey.

Get the Guide

A customer data breach under the European Union General Data Protection Regulation (GDPR), ranges from €10 million or 2% of the worldwide annual revenue of the prior financial year to €20 million or 4% of the worldwide annual revenue of the prior financial year. With the fines so high, investing in a comprehensive encryption strategy is sound policy.

Application Programming

An often-overlooked component of information security concerns the application programs developed in house. Of special concern are the externally facing applications that have access to a firm’s data residing behind the firewalls. If the URL strings are not properly scrubbed, hackers can exploit the stateless nature of the protocol by inserting dangerous HTTP methods, modifying the request parameters or sending other malicious traffic.

All in-house programmers should receive required training in secure programming techniques to minimize the ability of cybercriminals to infiltrate a firms defenses via this attack vector.

To learn more about data encryption and application programming, and other security measures financial services firms can implement in order to mitigate the risk of cyberattacks, you can fill out the form below or click here.

About the Author

David Willner is a business-focused information technology executive in Perficient’s financial services practice. His specialty is in transformation and data strategy programs. Before Perficient, he served as a managing director at J.P. Morgan Chase, senior managing director and chief development officer at Bear Stearns, and chief information officer, corporate comptrollers, at AIG. When he is not improving our client’s operations, systems, and data, he can be found playing guitar in his blues/rock band.

More from this Author

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to the Weekly Blog Digest:

Sign Up