
How can BFSI companies secure critical data as employees work from home

Strict restrictions on travel and movement are being eased slowly and steadily by governments, paving the way for businesses to return to normalcy. But going back to the office with the entire workforce is likely to take longer than was expected earlier. The pandemic seems to have changed workspace dynamics, maybe for good, and remote work is here to stay even in the post-pandemic business world.

Working from home is no longer a crisis management measure but part of a long-term business strategy, which requires proper planning for execution and internalization to deal with the challenges emerging out of remote productivity arrangements. Enterprises across verticals have learnt it the hard way. Industries, be it automotive, IT services, BPO, education, healthcare or pharmaceutical, have their own issues related to remote working. And being the backbone of many other industries, BFSI enterprises face even more serious risks and security-related issues that need to be taken into account while implementing any remote productivity solution.

Challenges facing BFSI enterprises

Cashless transactions have been on an astronomical rise over the last five years or so. Because of the popularity gained by e-wallets and UPI among the masses, cashless transactions have spiked in terms of both number and volume. Digital transactions in India have seen a whopping year-on-year increase of over 50% for the past two consecutive years. Although the need for customers to visit a retail branch for a transaction has reduced, it has not really translated into more remote work for BFSI employees. This is because the endpoint security concerns that stem from remote working are far higher for banks and insurers than for any other industry.

BFSI organizations simply have too much at stake. Invariably every single business, whether small, medium or large, is in business with at least one or two major banks and other non-banking financial services companies. So, a single bank’s data loss or breach of privacy could essentially affect thousands of businesses and millions of individuals. Although this provides an acceptable justification for BFSI companies’ inherent reluctance towards sustained remote working, the prevailing pandemic has prompted them to re-evaluate their options and tweak their operational strategies.

Work-from-home worries for BFSI

Several organizations, including BFSI companies, have lately taken the leap, allowing their employees to work remotely. But organizations cannot sail through this downturn unless employees, contractors, associates, vendors, partners and others are encouraged and enabled to perform their roles securely and with equal efficiency, irrespective of where they are working from. A dispersed workforce, using unmanaged devices and unknown networks, presents serious threats to corporate applications and data, making BFSI companies more susceptible to cyber attacks and malware attacks. Thus, companies rolling out work-from-home solutions must put in place a zero-trust remote access infrastructure to ensure strict compliance with security and privacy frameworks and deliver uninterrupted services.

End-to-end security is a must for remote work

BFSI organizations should look to implement work from home wherever possible, reducing the number of people needed at the workspace, to keep their businesses up and running, without compromising corporate resources and consumer data. But, they need more than generic solutions to tackle challenges specific to the sector and business requirements.

Regulatory Compliance
The BFSI industry comes under a number of regulatory bodies, like RBI, IRD and SEBI, and needs to comply with standards like PCI DSS, GDPR and GLBA. Non-compliance may eventually result in unwanted disruptions to businesses, leaving them with very little time to focus on core operations. A remote access solution, therefore, must ensure complete compliance.

Strong Endpoint Device Control
Before an end-user is allowed to access corporate resources, the user’s device must be scanned and the trust level of the device has to be evaluated. This trust level should be used to control the endpoint and ensure that the device is not already compromised and cannot be compromised during a remote access session. BFSI organizations also need an internet restriction feature and the option to implement access policies based on the geographical location of the device, to have complete control over all endpoints.

Strong user authentication
A work-from-home situation may expose the internal business applications of BFSI organizations to the untrusted networks that end-users use. The remote access solution has to secure the business applications by providing a strong authentication layer. Multi-factor authentication based on static and dynamic passwords, device signature, user location and endpoint security level is what BFSI organizations need from remote access solutions.

Detailed Auditing
Organizations should be able to track and audit access to corporate resources in terms of user, location and time. They should always be able to track and report the endpoint details, which can help track the location of access. Apart from this, a secure remote access solution should be able to provide details like which user used which application, how long an application was run, which IP addresses and URLs were accessed through business applications, etc.
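The device trust level, multi-factor checks and audit trail described in the three sections above can be combined into a single access decision. The sketch below is an added example, not code from any remote access product; the posture weights, the trust threshold, the allowed-country list and all names are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Assumed policy values, constructed for this example.
ALLOWED_COUNTRIES = {"IN"}   # geographic access policy
MIN_TRUST = 70               # minimum device trust score (0-100)

@dataclass
class Device:
    signature: str           # fingerprint enrolled for the user
    disk_encrypted: bool
    av_running: bool
    os_patched: bool
    country: str             # location reported for the endpoint

@dataclass
class Login:
    user: str
    password_ok: bool        # static password verified
    otp_ok: bool             # dynamic (one-time) password verified
    device: Device

def trust_level(d: Device) -> int:
    """Turn the endpoint posture scan into a score; weights are assumed."""
    return 40 * d.disk_encrypted + 30 * d.av_running + 30 * d.os_patched

def decide(login: Login, enrolled: dict[str, str], now=None) -> dict:
    """Evaluate every factor and return an audit record with the decision."""
    d, failed = login.device, []
    if not login.password_ok:
        failed.append("static_password")
    if not login.otp_ok:
        failed.append("dynamic_password")
    if enrolled.get(login.user) != d.signature:
        failed.append("device_signature")
    if d.country not in ALLOWED_COUNTRIES:
        failed.append("location")
    score = trust_level(d)
    if score < MIN_TRUST:
        failed.append("endpoint_trust")
    return {  # who, where, when: the fields the audit trail needs
        "time": (now or datetime.now(timezone.utc)).isoformat(),
        "user": login.user,
        "location": d.country,
        "device": d.signature,
        "trust": score,
        "decision": "deny" if failed else "allow",
        "failed_checks": failed,
    }
```

Every check runs even after one has failed, so the audit record lists all the reasons for a denial rather than only the first.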

Data Loss Prevention
A secure sandbox environment has to be created, which can limit the user applications and prevent end-users from copying data into their local machines or elsewhere from the corporate applications. This will also give the enterprises an option to control clipboard functions, printing functions, desktop session recording, file saving, USB devices and more functions.

Internet Access Restriction
When connected to the enterprise network, employees should be completely prevented from making any unnecessary visits to external sites. This internet restriction feature keeps all malware attacks at bay, as most malware attacks happen when an end-user visits an external site while still connected to the corporate network.

Seamless Vendor Access
Working with third-party IT partners is a necessity for all BFSI enterprises. Remote access to internal corporate resources should be given to these third-party vendors in such a manner that they are able to access the enterprise resources anytime, anywhere, while their end-devices are also completely controlled and monitored. The remote access solution implemented must leave no traces of any data on the third-party end-devices.

Simple and seamless user experience
An often-overlooked yet important feature is a consistent and graceful user experience despite the presence of some tight security features. Although a remote access solution should continuously monitor and evaluate risks at the end-device, it should still be subtle in its operation and provide an inviting environment for the user at work.

 

Apart from ensuring business continuity, the above features would also help organizations to keep their employees safe in the current pandemic, ensure customer satisfaction in trying times, and enable them to implement a secure remote work infrastructure for a long period.