spyThe man walked through the security doors after flashing his credentials. He wondered if the others had thought of this before. He woke up that morning knowing that his day would be different. He made his coffee stronger, and made an effort to kiss his wife before he left. Then, he carpooled to work; not because he needed a ride but because he enjoyed the irony. The irony of carpooling, to help the environment, only to arrive at work to destroy it. The man sipped the last of his dark, warm coffee and steadily walked through the Third Floor entrance where a sign read “no cell phones.” After a few small words with his co-workers, he found himself alone. But he wasn’t completely alone, he was with his cell phone and he was surrounded by sensitive information – information that was valuable to a lot of people on the outside. He was with his cell phone – the possibilities were endless.

Mobile devices aren’t like the other systems on your network, so don’t treat them like they are.

Smartphones, tablets, wearable computers, laptops and other mobile devices are great tools, but they’re not the same as desktops and servers. They connect to networks beyond your perimeter security, they run unknown applications, they move through your facilities with ease and frequently, you have no idea who is using them or for what purpose.

Simultaneously, trading floors are the cardiovascular systems of global finance. These critical infrastructures are heavily dependent on information technology, and thus, have been a target for attacks. Beyond market data leakage, theft of confidential customer information, electronic front-running and virtual insider trading, the theft of time-sensitive information is also a large vulnerability in these sensitive environments.

These financial institutions know the biggest threat for trading floors is the inappropriate use of mobile devices, which can lead to data leakage and insider trading.

Instead of being reactive, financial institutions in the future must be able to survey all wireless devices. For instance, let’s assume that the third floor of a reputable financial institution is contains confidential customer information and adheres to a “no-cell phone” policy, while the rest of the building is neutral. These institutions must allow mobile activity on certain floors while operating under strict mobile monitoring in others.

What does this look like?

This looks like another situation in which the deployment of beacons or sensors is a necessity. As discussed in the past (see beacons), beacons are the most precise way to interact with mobile devices.
As much as secure access controls are imperative to physical security, the surveillance of all wireless-enabled devices and restricting various functionality based on location is necessary to maintain electronic security, safety and soundness of any sensitive location.

In order for a financial institution to be trusted, it must be able to trust itself. Securing trading floors and eliminating vulnerabilities is an essential move for the industry’s future. We must detect the Spy.

It seems that location-based security platforms will prove to be forefront of this essential move and will become the essence of the global finance’s cardiovascular system.

Featured guest blogger: Will Adams for AirPatrol