Research indicates banks lack the right data safeguards putting over 32M UK bank accounts at risk

London - 15 March 2011

A study commissioned by Informatica Corporation(NASDAQ: INFA), the world’s number one independent provider of enterprise data integration software, has found that UK banks are cutting corners when securing customer data used in software development and testing. 85 per cent of data used during software development and testing is made up of customer information. However, well over a third (43 per cent) of IT professionals surveyed are not taking any steps to protect the data used during this process. As a result, banks are leaving their customers at risk from personal data loss.

Almost half (41 per cent) of respondents admitted that their organisation uses less stringent safeguards to protect confidential data during the testing and development of their web portals and applications than during the initial production stage. This approach appears to be a result of confusion over culpability when it comes to data protection. The majority of respondents, 27 per cent, said that no one department has responsibility for protecting this data, whilst another 16 per cent revealed that responsibility lies with their business heads. With security, compliance and legal teams being sidestepped, decisions around data protection are being made by those who are more likely to be driven by the need to meet corporate targets, rather than addressing data security risks. This leads to a lack of governance and risk management, which in turn adds to the risk of a possible data breach.

The issue of compliance is further complicated when external parties come into the equation. Nearly 85 per cent of respondents said that their organisation outsources the development and testing of software applications. In over half (51 per cent) of cases, outsourcing these functions involves sharing real data, highlighting an increased risk as it passes through more hands. By not ensuring that third parties have appropriate safeguards in place such as data masking in place, banks are greatly increasing the likelihood of customer data being lost or stolen.

“It is imperative that financial organisations take greater ownership of the data they house by putting people with the right skills and motivations in control. This will not only clear up confusion around data security, but also bolster customer confidence,” said John Poulter Senior Vice President, EMEA, Informatica. “Ensuring that the right technology is in place is a sure fire way for banks to gain an advantage over their competitors and foster existing and prospective customer relationships that are vital to their success. Data loss or theft will no doubt continue to dominate the news agenda this year, so banks need to do all they can do to ensure their customer data is protected and safe, no matter where that data resides, in a data center on-site or in the cloud.”

Consumers today are faced with an onslaught of attempts to steal their personal information, ranging from identity theft, to credit card and banking details. The assumption that your money is safe with your bank has taken a knock over the last couple of years with the memory of the UK government’s £37 billion bank bail-out still fresh in the minds of many. So suggesting that not only your money, but your bank details are at risk could have a devastating impact on UK banks. As data volumes continue to grow, financial organisations are under additional pressure to store and manage this data deluge securely, whilst keeping costs to a minimum.

New technology is also having an impact. More than a third (38 per cent) of respondents said that their organisation uses public cloud computing infrastructures or platform services in testing and development environments. Of these, nearly one in two (46 per cent) admitted that they are not confident that the data held there is secure. Whilst the cloud can bring real business benefits if approached with the correct strategy, this survey shines a light on the problem for banks investing in the cloud without a proper understanding of how to ensure that customer data stored there is being managed with the same level of care as data stored on-premise.

Poulter concluded, “The findings of this research highlight the increasingly complex challenge that IT professionals in the financial services industry face, to manage the growing volumes of customer data stored across the business. Every day people trust their banks to adequately manage and protect their personal information and it’s worrying to see that they are being unwittingly exposed to unnecessary risks. Despite a string of high profile data breaches in the financial services industry, it appears that IT professionals need a further reminder of the need to effectively manage customer data.”

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development