Responding to cyber threats with secure sign-on and authentication

In today’s digital landscape, cyber security is more important than ever. Trillions of dollars of transactions take place through trading platforms every year, generating huge amounts of sensitive data. Any downtime can be costly and create significant unrest in the market.

Cyber-attacks are becoming more common and also more complex. Threats have become more sophisticated and there is a need to constantly evolve to counter these. Cyber-attacks can range from phishing attacks to ransomware, or advanced techniques like advanced persistent threats (APTs).

The rapid adoption of remote working during the Coronavirus pandemic meant that many firms had to quickly implement security policies for remote workers outside of the firm’s network. This included users on unsecured Wi-Fi networks or using personal devices. The larger number of potential attack points poses a huge challenge for information security, and effective access policies are a key part of the response.

Evolution of secure access 

Security recommendations have changed over the years and evolved as the threats from cyber-attacks have evolved.

Historically, passwords were recommended to have random letters and symbols, to make them harder to guess. This reduces the threat of so-called brute force attacks, where attackers try multiple password combinations in rapid succession. Unfortunately, while such complex passwords are technically superior, they are difficult to remember for users. This can lead to weak passwords being set, and to passwords being reused over many applications. Effective security policies need to take account of human factors as well as technical ones.

Over time, recommendations have moved to suggesting a strong passphrase instead of a password, as these are harder to crack, due to the increased number of possible combinations. They can also be easier for users to remember because they often consist of a sequence of words or a sentence, which is easier to recall than a random string of characters.

Alongside this, the introduction of Multi-Factor Authentication (MFA) significantly improved security by adding additional layers of verification beyond just a password. It requires users to provide two or more verification factors, such as something they know (password), something they have (a smartphone or security token), and something they are (fingerprint or facial recognition). This makes it much harder for attackers to gain access, as they now need to compromise multiple factors. Even if a password is stolen or guessed, MFA ensures that the attacker cannot access the account without the second factor, greatly reducing the risk of unauthorized access.

Single Sign-On (SSO) has also helped improve security as it lets users at a firm login to any of the applications that the user has with a single set of credentials. With SSO, users only need to remember one set of credentials to access multiple applications and services, reducing the likelihood of password reuse across different applications. It also allows organizations to enforce stronger password policies, as users only have a single set of credentials to remember. SSO allows for centralized monitoring and control of user access, enabling administrators to quickly detect and respond to suspicious activities across all connected applications. Additionally, when an employee leaves an organization, administrators can revoke access to all connected applications by disabling a single account, reducing the risk of lingering access.

Secure access in Fidessa

At ION Markets, secure access is at the heart of all our product initiatives. Some of our recent developments for the Fidessa trading platform illustrate this commitment:

• Multi-factor authentication: Fidessa has introduced multi-factor authentication to our systems. This requires a code to be generated through an authenticator application and entered during the log-on process, significantly reducing the risk of unauthorised access to a Fidessa system.
• Single Sign-On: Single Sign-On allows users to log in to Fidessa applications with a single set of credentials, which can be used across other applications with Single Sign-On enabled. This ensures that IT and support teams can centrally manage the password process and ensure strong password management policies. For users, it simplifies the process of logging in, as only one set of credentials needs to be used across all applications using Single Sign-On and avoids weak reused passwords.

Single Sign-On is supported across multiple Fidessa components, including the Fidessa Desktop and FTW trading applications, the Fidessa Uploader Excel add-in, and the Fidessa Data Manager static data management tool.

If you are a Fidessa customer, contact your account manager for more information on these initiatives. If you are interested in how ION Markets can support your business securely, contact us today.