Banks need to invest in consolidating identity management across the enterprise so that end-users can have a single sign-on across all product systems, channels and locations in order to facilitate and simplify identity management, Datamonitor says.
It is critical that banks use strong identity management for both customers and employees to ensure they can monitor and analyze who is accessing which systems and data and when, a report by the group says.
Banks must control every aspect of identity management, from user IDs, passwords and authentication to controlling access levels and monitoring usage.
Multifactor authentication remains an important piece of the security picture for banks, but regardless of the strength of authentication or any other such security measures, some breaches can occur. That means banks cannot depend solely on multifactor authentication as a means of preventing fraud.
Identity management enables banks to ensure that the right people have access to the appropriate information — whether its customers accessing their data, or giving staff access to everything they need to perform their jobs.
Banks also need to ensure that permissions are kept up to date so that new access levels are granted swiftly, but also that old ones are removed, the report says.