HROC Identifies MFA Hygiene Risk for Financial Institution

HRoCFinancial Institutions Weigh Sensitive Data While Competing on Customer Service

With the evolution of different types of financial institutions—online-only, online and in person, etc.—every institution works hard to differentiate itself. In physical branches, focusing on customer needs to build relationships is a key differentiator. 

In addition, financial institutions and their employees work with sensitive data daily, and keeping it secure and private is a huge priority, especially in regards to cybersecurity.

Prioritizing Addressable Risks in a Sea of Data 

A large financial institution with 100,000+ clients and several physical locations wanted to identify the most predominant cyber risks in their system, so they would know where to focus their efforts to bolster their security posture. They had a myriad of cybersecurity technology, but found it difficult to put the report data from each tool in context to really understand their biggest risks. All the alerts from each tool never helped them really understand what to prioritize. 

Their Chief Information Security Officer invested in Unify, the Human Risk Management platform from Living Security. 

Unify integrates with existing cybersecurity tools, then displays the data centered around the users—the humans. This human risk management tool shows which employees are behaving in risky ways—whether they’re aware of it or not. In one pane of glass—the HROC—this CISO can see the risk scores of teams, locations, and individual employees. They can then prioritize and execute action plans where they’ll have the biggest impact on the organization’s security posture. 

Human Risk Operations Center—HROC—Shows Human Risks in One Pane of Glass

The CISO used their Unify platform as their Human Risk Operations Center—or HROC—to identify risk at the human level. While their Security Operations Center (SOC) monitored technology alerts, the HROC showed risks at the human level, enabling them to see points of visibility in terms of teams, people, and locations. They can also get a lens into those who have elevated access to data and showing risky behavior. 

Unify’s HROC Uncovers Multi-Factor Authentication Misuse

In this case, the financial institution’s security team had implemented multi-factor authentication (MFA) about a year ago. They used Unify to monitor the multi-factor authorization (MFA) tool, to see how consistently it was used. 


While monitoring MFA hygiene, they noticed that one group of employees—customer-facing branch employees who interact directly with customers every day—were introducing risks by not using MFA adeptly.

In the past, the CISO and their team would have had to pull manual reporting from the tool, then track down the user information to understand that there was a specific issue in the physical branch locations for client-facing employees. 

Unify’s HROC made this information visible at a glance. 

Real Conversations at the Business Level to Solve for the Risk

Curious, they talked to some of the branch managers to understand why MFA protocol was not always followed. 

As it turned out, customer-facing employees were not allowed to be on their smartphones in front of a customer. These associates would be working on their computers, and the MFA pops up, but they can’t complete authentication at that moment because their phone is not at hand, and even if it was, they were instructed not to use it in front of customers. 

From a service perspective, it’s exactly the behavior you want to make the customer feel attended to and well-served. But it left employees frustrated, because they both required their phone in some cases but could not use it in other scenarios. 

The CISO never would have discovered the issue unless they’d seen the data in Unify at the human level, viewed at the role and location level on their HROC. They may never have made the correlation between the role of the impacted employees or why they were potentially putting data at risk. They may have never had the conversations with the team that were not only about cybersecurity, but also helped them understand business needs of the users and the impact of the user behavior on the in-person customer experience, which is a key differentiator for this institution. 

What’s Next? 

The CISO is working with branch managers to create an action plan that enables branch employees to authenticate right on the spot, without a smartphone. Now they’ll be able to focus on delivering quality, attentive, and efficient service while eliminating the frustration of needing their smartphones. 

Unify delivered a “good find” in human behavior that ends up delivering better security in easier-to-use ways. 

The CISO continues to turn to the HROC to uncover and help drive understanding of risks and how to mitigate them. 


Popular Articles

Cybersecurity Games To Make Your Employees Cyber Aware
metrics to track in your cybersecurity awareness training campaign
6 Metrics to Track in Your Cybersecurity Awareness Training Campaign
Know how to calculate your ROSI - Return On Security Investment?
What Is Human Risk Management? Why Should Cybersecurity Pros Care?

Subscribe To Learn How To Prevent Cybersecurity Breaches

Share this Article