Taking security seriously

One of our current clients is one of the big UK high street banks, through our partnership with Cranfield School of Management. It was a very interesting experience to work with them on implementing their 360 feedback project, mainly thanks to the insight it gave into how culturally different big banks are from many other organisations.

One of the key differences is their attitude to security – they take it very seriously indeed. This is entirely as it should be – you don’t want hackers to be able to get your bank details through their web-site, do you? (Just think of TK Maxx!) So they insisted that we pass a number of very stringent security checks (relating to business continuity, backups, login credentials, etc.), as well as pass what’s called a penetration test, or ‘pen test’. This involves a professional hacker spending a week trying to break into your system! Thankfully we passed the test (hooray!), but it’s amazing how many tricks they try. (If you haven’t heard of hacking techniques like cross-site scripting, session spoofing, brute-force attacks or SQL insertion, these guys sure had!) This was quite an inconvenience, not least when they sent 5,000 emails to our marketing department from the ‘contact us’ form on our web-site!

In the process we learned a lot about how paranoid the IT people in big banks have to be to stay a step ahead of the hackers…


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s