As if maintaining data security isn't tricky enough, now comes a wave of mergers that makes protecting data all the more difficult. It's hard to imagine a more likely time for security holes to open up than when two banks, rife with legacy systems, custom patches and unique protocols, try to mesh it all together. To make matters worse, mergers usually result in layoffs, and disgruntled, soon-to-be ex-employees will be tempted to take advantage of any security lapse.
Mike Lloyd, chief scientist at RedSeal Systems, a company that develops proactive security risk management software, refers to these as "toxic networks." If an acquired company has a different approach to security "you could be taking on a problem every bit as bad as toxic assets...If you attach to a network that's unacceptably weak, now you're weak." Each network needs to be reconstructed so IT personnel can have a complete view of all the networks to locate the best pathways to connect the networks, while securing assets and regulating who has access to which assets.