SWIFT Members Increasingly Responsible for Security. MFT Can Help.

Global financial institutions rely on SWIFT every day to exchange information vital to secure payments. However, as members of The Society for Worldwide Interbank Financial Telecommunications (SWIFT) network know, the network alone isn’t enough to ensure safety. This is why SWIFT rolled out their Customer Security Program (CSP).

Within the CSP, SWIFT has established a Customer Security Controls Framework (CSCF) to establish baseline guidelines for secure user behaviors within the financial services industry. Meeting the SWIFT CSFS guidelines can be tricky and cumbersome for organizations working off scripts, keeping track of high-volume transfers, and dealing with information movement across disparate protocols and places. 

As the security onus is increasingly placed on SWIFT members, Managed File Transfer (MFT) is increasingly being leveraged as a solution that can help secure payments and meet SWIFT security demands. 

SWIFT: Operating Under the Shared Responsibility Model

For longtime SWIFT users, the dynamic has been changing. Originally touted as “the world’s leading provider of secure financial messaging services,” SWIFT now positions itself more as a frictionless, fast solution with “a reliable, safe and secure approach." This approach includes the creation of the Customer Security Controls Framework, which propounds 21 mandatory controls and 10 advisory ones for ensuring the security of SWIFT member transfers. In other words, much of the security of your SWIFT network transfer is up to you. 

The SWIFT CSFS security controls are arranged under three objectives, with the following principles:

1. Secure your Environment
2. Restrict access to the internet
3. Segregate critical systems from general IT 
4. Lessen the attack surface and reduce vulnerabilities
5. Implement physical security for the environment
6. Know and Limit Access
7. Prevent credential compromise
8. Segregate privileges and manage identities
9. Detect and Respond
10. Detect anomalous system or transaction activity
11. Plan for information sharing and incident response

In-network SWIFT breaches have called attention to the need for increased security, as SWIFT-leveraged attacks on the Bangladesh Central Bank, a Russian financial institution, and India’s City Union Bank illustrate. For their part, SWIFT now provides things like “stronger default password management, enhanced integrity checking and built-in multi-factor authentication (MFA),” along with a new AI-enhanced fraud detection capability. 

For SWIFT network users, much of the responsibility of getting files and other communications across the line securely is primarily up to them. And that is where robust MFT, like GoAnywhere comes in. 

GoAnywhere MFT: Changing the Game as Middleware

GoAnywhere Managed File Transfer provides a secure, multi-protocol file transfer solution that relies on automation and centralization to streamline the transfer process. It sits between disparate external entities and internal solutions (third-party transfers) or between disparate internal systems and themselves (SFTP, FTPS, HTTPS, APIs, SMBs). In short, it interconnects and facilitates secure file transfers from anywhere to anywhere. 

However, it is less widely known that GoAnywhere also acts as a capable middleware product. In this role, GoAnywhere can do things like:

• Process files
• Converge file formats
• Read and upload files into an internal database

And more, sharing functionalities with ETL (Extract, Transform, Load) and ESP (Enterprise Security Bus) solutions. The ability of GoAnywhere MFT to act as middleware is transformative for financial institutions on the SWIFT network. That is because GoAnywhere can seamlessly connect, secure, and bolster a wide range of processes, making them not only more streamlined but more SWIFT-compliant. 

Here’s How GoAnywhere MFT Supports SWIFT Security

GoAnywhere MFT supports secure SWIFT transactions by providing a robust, secure, and auditable platform to secure payments - and the information that goes along with them. It does this by:

• Applying the appropriate level of encryption to each file type. These include industry-standard encryption protocols like Open PGP, GPG, AES, SSL, SSH, AES, and more. 
• Encrypting files in motion and at rest. Ensure that even if SWIFT is compromised, your sensitive financial files aren’t. 
• Working across environments: on-premises, cloud, hybrid, or SaaS. This lets you transfer data securely from anywhere to anywhere. 
• Offering a wide range of deployment options; Azure, Windows, Docker, Amazon EC2, Linux, IBM i (i Series), VMWare, AIX, UNIX.
• Automating secure workflows. Secure file transfer automation ensures regular transfers and large batch transfers are delivered promptly and configured correctly every time. 
• Identifying transaction security errors that would undermine secure payments over the internet with premier auditing and reporting capabilities. 

GoAnywhere controls every single file that is processed, making sure that each SWIFT transaction is securely processed and guaranteed delivery. If something goes wrong, GoAnywhere immediately notifies the party responsible so they can react in the most time possible and avoid complaints from clients – or worse.

What’s at Stake?

Financial institutions know that each SWIFT file could potentially contain a million-dollar payment; that’s why security cannot be left to chance. SWIFT is one of the most widely used financial communications transactions in the world, making it a prime target for attackers. Attempts to infiltrate the SWIFT network will not stop and, if anything, will only increase in sophistication. 

Organizations today cannot afford to rely fully on the security practices of their cloud provider, their SaaS application, their open-source code, or their financial transaction platform. Today, security is a responsibility shared by all involved entities.