Web Gateways,
Redefined.

Designed for Distributed. Built for the Cloud.
Delivered as a Service.

Blog

IP Whitelisting the Missing Link for Financial Services Organizations Moving to Cloud

Privacy is paramount in the financial sector. Exposure of company data, which may include customer PII, due to security breaches affects not just the reputation of the business that failed to safeguard the data, but the larger economy it contributes to.

In finance and in other sectors, this threat is real and its impact substantial. Those charged with ensuring this does not happen to their organization go to enormous lengths to measure and reduce risk. That’s why businesses will employ strategies such as role-based access controls, data classification policies, and strict access lists to reduce risk by siloing data and granting permissions only to required entities.

In the digital age, IP whitelisting is a fundamental component for reducing threat surfaces when making services or data available to internal and external customers or business partners.

As enterprises adopt cloud-based SaaS so they can refocus their efforts on core competencies, concerns over how to maintain the status quo with respect to IP whitelisting has been one of the main sticking points in the financial sector’s hesitation toward leveraging cloud services for security.

For starters, most, if not all, financial businesses won’t move their gateways to the cloud en-masse to avoid data sovereignty violations in certain locales that require on-prem security features, and more broadly to avoid the unpredictability of partnering with multi-tenant cloud services.

But on a fundamental level, all traffic that comes from a cloud web gateway that’s shared by multiple cloud customers will come out of the gateway featuring a shared IP address or pool of IP addresses. That layout makes cloud gateways a non-starter for many financial services because it removes the ability for their business partners to distinguish traffic from their trusted partners from other users of the cloud service.

This presents a difficult balancing act for securing financial networks. Today’s advanced threat landscape demands denser defenses than ever before but consumer demand expediency in service that a bulky security infrastructure can inhibit. While a shared-cloud web gateway may cut down on latency to meet consumer tastes, it puts those same entities at risk by removing a critical feature – IP whitelisting – of an effective security strategy.

The iboss Distributed Gateway Platform leverages a node-based architecture that allows businesses to leverage non-shared gateways with dedicated static IP addresses to meet their secure web gateway needs. Businesses can also deploy physical gateway nodes where they need to in order to comply with sovereignty requirements.

 

Read more about why the iboss Distributed Gateway Platform is the right fit for finance in our whitepaper “The Top 7 Reasons iboss Fits for Financial Services.”

Joe Cosmano has over 15 years of leadership and hands-on technical experience in roles including Senior Systems and Network Engineer and cybersecurity expert. Prior to iboss, he held positions with Atlantic Net, as engineering director overseeing a large team of engineers and a network operations center. As a data center engineer for XOS Digital, where he architected and supported a mission critical data center infrastructure and network. Joe also held a position with the National Center for Forensic Science, where he lectured law enforcement on cyber threats. He has a Bachelor of Science in Information Systems Technology from the University of Central Florida and a Master of Science in Information Systems Security from the University of Denver.

 

Topics: