Safe Web Use Practices for Investment Firms
Regulating web use for employees via compliance handbook and URL filters for blacklisted (bad) and whitelisted (good) online resources has failed to improve compliance. Authenic8’s John Klassen discusses how firms are increasingly turning to a centrally managed and monitored cloud browser to regain control, unobtrusively maximize visibility into employees’ web activities and ensure compliance without sacrificing productivity or risking an internal backlash.
Pressure from the SEC and state authorities has increased over the past two years to remediate areas of cybersecurity weakness. Yet regulators and compliance professionals agree that alarming gaps remain in how regulated financial services firms use the web.1 Many firms still struggle to effectively control, secure and monitor employee web activities.
So what’s the holdup?
Industry insiders point to the ubiquitous use of a tool that was conceived almost 30 years ago: the locally installed browser. Many firms still use a traditional “free” browser for all their web activities, its inherent architectural flaws and vulnerabilities notwithstanding. At the same time, CCOs and IT are also increasingly aware of the risks associated with local browser use:
- Traditional browsers…
