A modern and open administration solution is essential for pension funds to take advantage of the opportunities offered by digitization. These solutions are increasingly becoming the central interaction platform with which pension funds manage sensitive data and communicate with customers. However, this makes them attractive hacking targets. Pension providers have to guarantee the security of an online customer portal both internally and externally. In addition to denial of service attacks (DDOS) or criminals extorting money, dissatisfied employees can also try to extract data or cause errors in the system.
Securing against such cyber attacks is not a one-time action but a continuous process to be able to face the changing attacks. Technical measures and optimizing organizational processes can help arm against attacks. These include, for example, regular checks of data backups, anti-virus scans, encryption, key management, or evaluation of additional security measures. So cybersecurity is a time-consuming issue for pension funds that they should not underestimate. Here, management systems in the “Software as a Service” (SaaS) model come into play. Their great advantage is that the solution provider is responsible for security. The software is licensed on a subscription basis and hosted centrally by the provider rather than installed and managed at the pension fund.
User-friendly online portals are indispensable for a modern pension fund, but they must be well protected against cyber-attacks because they are available on the Internet.
The SaaS model brings many advantages to the pension fund because the required security measures, updates, and support come from the software provider.
Pension funds are not powerless against cybercrime: they can verify the resistance of management software to attacks.
Web applications are a gateway for classic hackers. However, many valuable measures exist to avoid being passively exposed to these attacks. Security integrated into the entire software development and lifecycle at all levels with a mixture of human and computer-controlled measures is the most effective. A cloud-based SaaS solution takes the burden of implementing these measures off pension funds, allowing them to focus on their core business.
Source: VPS magazine "Schweizer Personalvorsorge", September 2022