StorageGuard - by Continuity™ - is the ONLY Security Posture Management solution for Storage & Backups, helping to ensure these systems are securely configured, and compliant with industry & security standards.
Obviously we commiserate with the hundreds of thousands of people directly affected by highly distressing events that occurred in April through June at TSB Bank in the UK, and again just yesterday. Originating in a project to migrate 5.4 million customer accounts to a new banking platform in order to save £160M per annum, the worst of the affair occurred over a several-day period. Hundreds of thousands of customers had no access to their accounts, money disappeared from accounts, some account holders were able to see others’ accounts, and the IT confusion set the stage for a tenfold increase in reports of phishing attempts. Even after six weeks, some retail and business customers were still experiencing problems.
Considering the recent outages at the London Stock Exchange and at Visa (financial services) it may seem as if the UK is being relentlessly hit with devastating IT problems. Rest assured, other countries on other continents haven’t been spared. Recently, the online and mobile banking platforms at TD Bank in the US had technical difficulties after an upgrade. Down under, National Australia Bank (NAB) experienced a nationwide outage and customers were not able to access services or their money. Strangely enough, on the same day, the Bank of New Zealand, an NAB subsidiary, also experienced nationwide outages. No reasons were given for those problems.
In all these cases, the bank IT outages messed up peoples’ lives. In the TSB case, for example, rent and other bills couldn’t be paid, vendors didn’t know whether customers had paid them, individuals thought their savings had disappeared, and out of desperation, many were conned into providing their personal details to hackers.
Support for account holders
Because IT banking outages occur more frequently than they should and some last quite long, UK lawmakers are seeking to develop a framework that would guarantee basic services to customers during such outages. (Read more about these new regulatory requirements in our recent blog post) So, we’re hopeful that government has the private person’s back. And, customers take things into their own hands; 12.5K left the bank in the wake of these events.
Banks have their own set of challenges
On the other side of the coin…, unpopular though it may be to look at things from the corporate perspective, can you even begin to imagine what it’s like to be on the IT team responsible for migrating those millions of accounts, or to be the head of IT in a large financial institution when hundreds of thousands of your customers believe their money has disappeared?
IT systems are in transition
We’re not absolving the bank from blame. We do know, however, that the IT tools they work with are not always up to the tasks that must be performed. IT environments for banks and other financial institutions are getting larger and more complex with the pace of change getting faster all the time; ensuring there are no mistakes or misconfigurations is very difficult.
Indeed, while new tech-dependent services are offered to customers, they still greatly rely on legacy systems. Many different IT vendors and IT maintenance teams are involved in holding up a bank’s IT infrastructure. Getting it to all work together is not an easily achievable feat.
The route to IT resilience: Proactive detection of errors and risks
That’s why we’re emphasizing the need for a solution that automatically and proactively detects the kinds of configuration errors that were most likely at the root of many of the recent bank outages described above. Events such as these illustrate why it is critical to implement a solution that uses a deep knowledgebase and utilizes the most up-to-date best practice information from all tech vendors and tech-users in the field to ensure that system configurations and connections are correct. IT systems can appear to be in order and run fairly smoothly until they are required to perform non-routine actions. Often, it is then, at the crucial moment, that the undetected errors literally wreak havoc.
It’s time to automate the secure configuration of your storage & backup systems.