The pandemic forced digital transformation onto the world in 2020. Business continuity emergency plans were implemented – some fared better than others. The Endpoint Ecosystem study takes a critical look at regulated industries that jumped ahead of the curve in terms of security and employee experience and why others fell behind. In this article, we examine how the Finance Industry stacks up. 

By leveraging the insights from the data, leaders in banking, insurance, and investment companies can improve their employees’ experience and simultaneously strengthen protections around company data. 

Compared with other highly regulated industries, the financial sector possesses several impressive strengths. However, the Endpoint Ecosystem study also identifies several areas where financial institutions are vulnerable and have opportunity to improve.  


Employees in Finance have a Password Problem 

Let’s start on a positive – that being that the Finance Industry has better password hygiene than other industries. That considered, it is still not nearly as good as it needs to be. 69% of Finance employees are choosing work passwords that are easy to remember while 18% admit to resetting their passwords every day. 

What is more alarming are the methods Finance employees are using to store their passwords. 33% of employees are still writing work passwords in personal journals, 29% are storing passwords in the notes app of their phone, and 42% keep work passwords in an Excel or Word file on their PC.  

Considering that a majority of cyber-attacks start with a compromised password, employers in Finance should commit to going fully password-less -or- provide their employees with a password management tool. 


Shadow IT is Causing a Dilemma 

The Endpoint Ecosystem study makes it abundantly clear that shadow IT is a major vulnerability in the Finance Industry. Shadow IT refers to the use of non-sanctioned  technology systems, devices, software, applications, and services. Users are trading security for convenience and may be unaware of vulnerabilities in the products they are using. This raises the chance of data breaches.  

Shadow IT appears to be a bigger problem in Finance than in other regulated industries. A particularly concerning statistic is that 61% of financial employees are more efficient while using non-sanctioned apps like Dropbox and Gmail. Additionally, 52% of Finance workers say their security policies restrict the way they work and 49% admit to finding ways to work around those same security policies. These figures exceed findings from employees in other industries. 

Financial employers should anticipate that shadow IT will only worsen as remote work becomes the norm and as Gen Z floods the workplace in the coming years. IT departments will need to identify the right tools to empower remote workers while simultaneously reducing their need for unsanctioned apps. 


Security Awareness is Stronger in Finance  

While Shadow IT is causing many vulnerabilities, cyber security awareness is stronger in Finance than other regulated industries. The study reveals Finance to be more mature in many aspects of the Endpoint Ecosystem when it comes to awareness training and security policies. Over half of financial workers receive security training each month and over three quarters of employees are using multi-factor authentication when available. 

The Finance industry should be applauded for their forward-thinking attitudes toward security in their environments.  


The Financial Sector has a Perception Problem 

Despite having tighter security protocols and more security training than other regulated industries, workers in Finance still feel that their employers are not taking data privacy as seriously as they should be.  

The Endpoint Ecosystem study shows that over half of finance workers feel that their employer should be considering data privacy more. Additionally, more than a third of finance workers feel as if they have not been adequately trained to protect company data. These statistics come despite 53% of Finance workers receiving monthly security training and 61% of employees seeing a security policy each time they log into their computer.  

This weakness in employee perception means financial companies need more effective methods of communication with employees on security.


Remote Employees Are Well Supported in Finance 

Despite needing more technical support than other industries, Finance workers are more satisfied with the technical support they receive than their counterparts in other regulated industries. In fact, the Endpoint Ecosystem Study shows that 80% of remote workers feel that their experience with technical support has improved since the start of the pandemic. This stat runs in parallel to 78% of finance workers reporting that their job satisfaction is higher than what it was two years ago.  


What Can Be Done to Improve? 

To begin building a stronger Endpoint Ecosystem in the Finance Industry, companies must work to understand how their security controls impede work by engaging employees in small groups and understanding employees’ daily processes. Using Microsoft Defender for Cloud Apps in addition to Admin Consent, employers can begin to relegate SaaS-based Shadow IT.  

Furthermore, to ensure finance companies are ready to meet the sophisticated security challenges, IT departments should look to adopt a Zero Trust Architecture. Zero Trust reduces breaches and significantly lower costs when a breach does occur. 

To learn more about how financial workers view their Endpoint Ecosystem, we invite you to download the Endpoint Ecosystem for the Finance Industry study in full. Armed with the data from the study, our hope is that financial institutions will identity ways to improve endpoint security and employee experience for their workforce.