Exness Head of IT Security, Stanislav Sharakhin, shares his thoughts on the growing importance of cyber security in the online world and gives insight on the steps Exness is taking to contribute to the cyber security community, both internally and externally.
Cyber security for online businesses has never been as important as it is today, with cyber attacks increasing year after year and cyber security trends growing exponentially to battle such threats.
Reducing vulnerabilities, securing networks, automating as many processes as possible and safeguarding data are all imperative components of cyber security and should thus form an integral part of any corporate strategy.
In the financial industry in particular, cyber attacks have been known to aim at destroying sensitive information, committing identity theft and even stealing funds, which is why investing heavily in protecting all systems and programs is so crucial.
To start with, let us just say that we live in the era of GDPR. This means protection, security, privacy and respect to all citizens in giving them the right to control the use of their personal data.
At Exness, our clients’ best interests are our utmost priority, and client data security goes part and parcel with it. Naturally, we operate both through security by design and default.
The former refers to taking all the technical measures possible from the onset of designing a product in a way that ensures privacy and data protection from the get-go; the latter refers to processing personal data in a way that ensures the highest privacy.
A good example of security by design is encryption, whereas security by default refers for example to storing data for the shortest period possible and making it available to as few eyes in the organisation as possible.
Our Support team for example is limited in using client data and have access only to what they need to do their job in assisting the client at that given moment.
In addition to living in the era of GDPR, we are also living in the era of hackers; the most skilled and ruthless hackers the internet has ever seen.
This means we must take every measure possible to safeguard our business from such dangers. As part of our plan of action in combating cyber crime, we invest a significant amount of our budget in employing external bug bounty hunters, also known as white hat services, to find any possible vulnerabilities in every system we build so that it is bullet proof before reaching our clients.
Success was never reached by pretending to be flawless so our focus is to find problems and fix them at an early stage, not to push them under the rug.
Identity fraud is one of the biggest threats in the modern digital world and we take all steps to prevent it, collaborating with our excellent Anti-Financial Crime team to tackle any possible dangers before they become a real threat.
As a broker that has always been at the forefront of industry-related developments, we follow all industry best practices as per the Open Web Application Security Web Project (OWASP) which provides excellent guidelines and sets the highest standards for the security of software, without bias.
We don’t believe in reinventing the wheel when it comes to protecting our clients, neither do we ever experiment or deviate from what has already been established as best practice in the greater world of finance and technology.
Luckily, there are incredible sources and standards which we can rely on such as the aforementioned, and we place our trust in them alongside some of the world’s greatest technological firms.
As for what’s going on behind Exness doors, important security developments within the company include, among others, moving our platforms to the cloud for operational excellence and security.
Cloud computing comes with countless benefits that truly make all operations smoother, safer and more effective. In terms of data security, using the cloud means that there will never be a fear of data loss due to hardware failure, as everything is backed on remote networks.
It is worth mentioning here that there has never been a significant data leakage in the history of the company; a fact we take great pride in considering the threats mentioned earlier that plague today’s online industries.
Furthermore, as part of our internal security program, we are conducting security awareness training for employees as well as internal phishing campaigns.
We believe that security is not just about technology and frameworks but is very much about how people think and act too.
The Cyber Security team at Exness has made a commitment to contribute to the greater IT community by hosting meet-ups at our HQ premises in Limassol, Cyprus, where we enjoy networking with other brokers and technology companies, giving presentations on various relevant subject matters and encouraging discussions and the sharing of expertise.
Internally, we are growing our Cyber Security team, the goals of which are 100% aligned with core business activity and key goals, and of course, with our clients’ best interests.
Our mission is not to impose, but to enlighten and educate, both within the company and outside it.
Disclaimer: The content of this article is sponsored and does not represent the opinions of Finance Magnates.