One of our current clients is one of the big UK high street banks, through our partnership with Cranfield School of Management. It was a very interesting experience to work with them on implementing their 360 feedback project, mainly thanks to the insight it gave into how culturally different big banks are from many other organisations.
One of the key differences is their attitude to security – they take it very seriously indeed. This is entirely as it should be – you don’t want hackers to be able to get your bank details through their web-site, do you? (Just think of TK Maxx!) So they insisted that we pass a number of very stringent security checks (relating to business continuity, backups, login credentials, etc.), as well as pass what’s called a penetration test, or ‘pen test’. This involves a professional hacker spending a week trying to break into your system! Thankfully we passed the test (hooray!), but it’s amazing how many tricks they try. (If you haven’t heard of hacking techniques like cross-site scripting, session spoofing, brute-force attacks or SQL insertion, these guys sure had!) This was quite an inconvenience, not least when they sent 5,000 emails to our marketing department from the ‘contact us’ form on our web-site!
In the process we learned a lot about how paranoid the IT people in big banks have to be to stay a step ahead of the hackers…