For decades, the most significant and most valuable assets of most banks were physical: buildings, currency, and infrastructure. Today, the most valuable assets for the majority of institutions are digital. These include account data, customer information, intellectual property (plans, templates, standard operating procedures, etc.), correspondence, documents, spreadsheets, and certainly the data that lives in your core applications. Unfortunately, this means every bank could lose millions with the wrong keystroke. Here are the top five easily-made IT mistakes with the power to shut down your bank — and the opportunities they present to improve your business when handled well:

Threat #1: Poor backup and restoration, business continuity, and disaster recovery practices. Each of these requires a unique set of strategies and practices. Backup and recovery are about recovering lost data from day to day, including data that gets deleted or is lost due to drive failure. Business continuity addresses major system failures, such as a server environment or a storage area network failure, where the objective is to get the bank operating again quickly. The challenges in business continuity are mainly technological. Disaster recovery addresses the loss of an entire location or facility due to any disaster (whether natural or human-made) where the objective is also to get the bank operating again. Other non-technical challenges, such as building damage, personnel loss, or other factors, may also play a part during disaster recovery.

Opportunity: Good recovery plans should include all conceivable scenarios, from natural disasters to ransomware attacks. A well-made business continuity and disaster recovery plan will encompass daily backup and restoration practices as well. During the process of putting together your continuity plan, you will be able to uncover and address vulnerabilities in your systems as well as shore up your investment in cyber liability insurance.

Threat #2: Poor security management. Overlooking this one can quickly cause your bank to lose money. Even with a good recovery plan in place, security breaches cost hundreds of thousands — or even millions — of dollars in downtime, reputation, and opportunity costs, not to mention the cost and disruption of re-engineering the environment to ensure it does not happen again. There was a time when having “adequate” patch management, firewalls, and anti-virus software were enough. Those days are long gone. Good security management now includes twenty security controls recommended by the Center for Internet Security, encompassing everything from automation and alerting to remote access, logging, cloud solutions, security testing, monitoring, and so much more.

Opportunity: Every bank needs to invest properly in security as an essential operating cost. Doing so builds safety and security into your operations, which brings stability and trust from employees and customers. This stability and trust give you “permission” to invest in innovation, product development, and market expansion.

Threat #3: Sloppy IT. This is a situation of “death by a thousand cuts.” Inefficiencies, people who leave because slow IT hinders their performance, data loss, not staying current with hardware and applications, no chance to innovate because IT is putting out fires constantly, stagnation — the list goes on. Sloppy IT is one of the leading causes of chaos and distractions within a business. Distracted people cannot focus on the future because they are constantly dealing with hourly or daily challenges just to operate. We all want “water cooler” talk to be about topics that move the business forward and contribute to a strong team culture, not focus on how people can’t get their jobs done because of an IT issue.

Opportunity: On the other side of the coin, optimized IT will be the building block for innovation, collaboration, creativity, and improvements throughout your bank. Well-run technology contributes to efficient workflows, time-saving processes, customer acquisition and retention, and logistics and can even help reduce cost and waste in some areas. Do a technology assessment with a third-party MSP like JMARK to discover ways to improve the way IT supports your institution.

Threat #4: Poor vendor management. The biggest threat is data loss when your cloud service or another connected vendor (like an MSP) gets hit with ransomware, and the encryption impacts your core business operations. This could be due to a lack of due diligence when signing with the vendor or a change in the vendor’s process or products that do not get fully vetted. We have all heard the stories about massive data breaches at Target and Home Depot. These came from connected vendors who did not properly manage the environment.

Opportunity: Fully vet potential vendors with the help of your managed services provider. While this may seem cumbersome, in the long run, this creates efficiencies because your IT provider can ensure that all the tools and applications you use every day will “play well” together. You may even be able to streamline some of the third-party services.

Threat #5: Failure to train. Every bank must now have a focus on technology and security training. There are multiple reasons for this, with security training for phishing and social engineering attacks being at the top of the list. But beyond security, training on software and applications, standard operating procedures, data management, and workflows that help people get the most out of their technology should also be done. Failure to train leads to complacency, which leads to a failure to innovate. When a business fails to innovate, it will eventually become the next Blockbuster — an outdated relic doubling down on obsolete services.

Opportunity: Training creates confidence. Your employees will feel safe and know that they are contributing to keeping the bank (and thus their jobs) safe. They will also have the confidence to do their best work, which will lead to proactive problem-solving, innovation, and improved morale.

Final Thoughts
Technology plays a part in every aspect of modern business operations, from workflows to communication, marketing, customer service, and beyond. Poor IT can cause disastrous results when not properly configured and optimized; however, great IT can provide the foundation for your bank to break new ground, accelerate your success, and achieve stable, long-term growth.