BITS, a nonprofit consortium of 100 of the largest financial institutions in the United States, last month published the BITS Guide to Business-Critical Telecommunications Services, which is intended to advance the resiliency of telecommunications services used by the financial services industry and strengthen the nations critical infrastructure. The BITS Guide helps financial institutions better evaluate and manage risks associated with essential telecommunications services.
BITS, which shares membership with The Financial Services Roundtable, was created in 1996 to foster the growth and development of electronic financial services and e-commerce for the benefit of financial institutions and their customers. BITS seeks to sustain consumer confidence and trust by ensuring the security, privacy and integrity of financial transactions.
Telecommunications resiliency is critical to financial institutions, their customers, and the U.S. economy. Events like 9/11 and the 2003 Northeast blackout have illustrated the financial industrys dependence on the telecommunications sector.
Since 9/11, the CEOs of BITS member companies have collaborated with the telecommunications industry to examine and address critical interdependencies between the two sectors. Experts from the nations leading financial institutions worked with telecommunications companies and government agencies to draft the BITS Guide to Business-Critical Telecommunications Services.
Written for business managers, continuity planners and other risk managers, the BITS Guide helps companies analyze risks, conduct due diligence, contract for telecommunications services and integrate evolving regulatory requirements into their business continuity plans. Each section of the document begins with a set of questions. The questions provide a starting point for a rigorous examination of a financial institutions business continuity strategy for meeting its telecommunications needs.
“Financial institutions must be vigilant and proactive to ensure the safety and soundness of financial services,” said BITS CEO Catherine Allen. “BITS members understand that security is not a competitive issue. The BITS Guide to Business-Critical Telecommunications Services is an outstanding example of how BITS members work together and with other industries to continually improve security and protect the nations economy.”
The guide highlights key considerations and poses questions business continuity planners and other risk managers should ask themselves and their service providers, taking into account regulatory requirements and changes in the marketplace. These questions are a starting point for a rigorous examination of a financial institutions business continuity strategy for telecommunications needs, and they serve as considerations in procuring adequate levels of service from telecommunications service providers.
Prior to 9/11, many in the financial services industry assumed that:
• Switched services in general, such as frame relay, inherently provide resiliency.
• More circuits mean more resilience.
• The Internet3 is inherently less reliable than telecommunications services.
• Diversity can be ordered as a contracted service.
• Internet Protocol (IP)-based services are not inherently reliable.
Since 9/11, many in the financial services industry and government have learned that more realistic assumptions are:
• Frame relay is shared among carriers and this raises concerns about diversity.
• Diversity remains an issue between the financial institution premises and the telecommunications point of presence (“last mile”).
• The Internet worked very well during 9/11 for messaging.
• Diversity must be engineered and means different things to different carriers and customers.
• More small circuits require more effort to monitor than a few larger ones.
• IP-based services can offer advantages.
• Means other than just diversity of redundant circuits can assure resiliency of the function they must support, such as Synchronous Optical Network (SONET) and proprietary service offerings.
• One can expect to pay more for telecommunications services that are specifically engineered (e.g., specialized versus standard contracting) to meet the resiliency needs of financial services companies.
Next Page: The guides recommendations.
Page 2
The guide includes the following recommendations for financial institutions, and states that they are essential for achieving resiliency:
Click here to read the entire guide, which is a 59-page .PDF document. The appendices include a comprehensive list of questions that should be addressed by any financial institution that relies on telecommunications to do business—which covers the entire industry.
Other BITS-sponsored papers and presentations can be found here.
Check out eWEEK.coms for the latest news, views and analysis on financial applications and services for the enterprise and small businesses.