Financial Services: Access Security Compliance


A guide to US and UK financial services access security compliance

Detailing the risks of insider threat in the financial sector is arguably easier than in any other. With huge volumes of sensitive financial and customer data, and the threat of all kinds of fraud and insider trading, banks and other financial institutions have a lot to lose when it comes to user security.

The high risk explains why financial services is one of the most heavily regulated industries, with US laws like Sarbanes-Oxley (SOX) and the Gramm-Leach-Bliley Act (GLBA), the Financial Conduct Authority (FCA) regulatory body in the UK, and global compliance bodies, for example the Payment Card Industry (PCI) Security Standards Council.

This guide looks at some of these requirements using research among finance industry workers in the US and UK to see how compliant today’s organizations are — and provides a user security checklist to help you with your compliance strategy.


Research report

The report follows a user's employment from the moment they start, through the granular details of network access, to changing roles or leaving an organization.

  • Executive summary

    A brief introduction to PCI, SOX, GLBA and FCA regulation sets in the US and UK and how financial services organizations are complying with these regulations to protect financial and customer data.

  • On-boarding new employees

    The steps taken with new employees to protect the organization and its clients’ information.

  • Security training, awareness and procedure

    People-related processes to protect access to sensitive financial and customer data.
  • Network access security

    Technology's role in minimizing the risks from employees and decreasing the surface area vulnerable to attack.
  • Data access and necessity

    Levels of access control and monitoring needed to maintain integrity of data and ensure that sensitive data does not fall into the wrong hands, intentionally or otherwise.

  • Moving jobs or roles

    Requirements to address access when employees move roles or leave an organization.