Recently, Finastra was hit with ransomware attacks and was forced to shut down a number of its products and services over the weekend. According to initial reports, the attacks may have been facilitated by the use of unpatched VPNs with known vulnerability issues.
While Finastra has not released the full details and scope of the breach, they have notified customers that they were forced to take a number of their servers offline to neutralize the threat.
The news of such a large and well-respected firm such as Finastra falling prey to an attack like this can have many thinking about their own security posture. Do we have unpatched VPNs? Do nefarious actors have the ability to move laterally once inside of our perimeter-based security? Can we globally monitor all connections in real-time to know the moment anomalous activity is occurring?
Finastra’s troubles highlight the importance of updating the legacy network architectures many fintech providers are built upon.
As the connectivity solution connecting fintech applications to financial services institutions, Trustgrid has built a platform that is designed for maximum security and compliance. From the beginning, security and compliance have been treated as first class citizens and are baked into every element of the Trustgrid Data Mesh Platform.
Let’s look at a few of the most important features:
Automated Patching and Updating. Unlike VPN connections all Trustgrid-enabled connections between fintech applications and FIs can be patched simultaneously during scheduled maintenance windows. This ensures that all connections are continuously compliant and have the latest security patches without the time consuming burden of patching each connection individually.
Zero Trust. An inherent block is placed on all traffic that does not originate from a known application or data source. Certificate-based authentication ensures that each resource is known and trusted. This can limit the blast radius of a breach by eliminating the ability for bad actors to spread laterally if a single resource is compromised.
Role-Based Access Controls. Access to the network control plane is locked down by user. User’s permissions can be granularly defined to allow least privileged access based on a users role. All user activity is logged and audited.
Centralized logging. All network access and change events are logged in the Trustgrid portal. These logs can be searched from within the portal or shared with 3rd party security tools for deeper real-time inspection via API.
Centralized Monitoring and Alerting. Through the Trustgrid Management Portal, traffic flows and status of all connections can be monitored. Thresholds can be set to alert administrators to anomalous traffic activity. Should something fall out of the pre-defined thresholds, alerts can be sent via Slack, Teams, Pager Duty or SMS.
Remote On/Off Switch. Should a breach ever occur, individual connections can be easily disabled and re-enabled without being connected to the network. All network and policy settings are stored so that traffic can be instantly reinstated once the threat has been mitigated.
As threats have become more sophisticated, connectivity solutions must keep pace. Unpatched VPNs, continuing to use perimeter-based solutions and limited access controls not only put your application and reputation at risk, but can mean downtime for your customers should the worst occur.
Managing legacy networking infrastructure and wondering if there is a better approach?
Learn more by reading our white paper: Connecting Appliations to Community Banks and Credit Unions
Chief Technology Officer
Steven Stites is the CTO and Co-Founder of Trustgrid, where he leads the vision and engineering teams behind the company’s innovative platform for secure networking and edge computing solutions. With over 20 years of expertise in network security, distributed computing, and cloud infrastructure, Steven brings deep industry experience to establishing Trustgrid as a trusted provider for secure, scalable application connectivity across FinTech, HealthTech, SaaS, and enterprise environments.
Leadership at Trustgrid
As CTO and Co-Founder, Steven drives the technical strategy, product development, and architectural direction at Trustgrid. He focuses on creating solutions that bridge modern hybrid ecosystems, empowering SaaS and cloud application providers to connect securely to on-premise resources with maximum reliability and performance. Steven’s guidance is central to Trustgrid’s integration of SD-WAN, Zero Trust Network Access (ZTNA), and edge computing into a unified platform, simplifying deployment, elevating data security, and supporting enterprise-grade operational scale .
Professional background
Before founding Trustgrid in 2017, Steven held senior technical leadership roles at Cisco, where he served as Senior Technical Leader for IoT Cloud and Cloud Web Security. At Cisco, he architected and led customer engagement for major SaaS security products, designing enterprise-scale networking and security solutions and overseeing technical vetting for large-scale technology acquisitions. Earlier in his career, Steven spent over a decade at IBM as a technical lead, driving development for network monitoring and distributed application performance products, and began as a software engineer researching sonar and signal processing at Applied Research Labs. He holds a bachelor’s degree in Electrical and Electronics Engineering from The University of Texas at Austin .
Building the Future of Connectivity
Steven’s vision at Trustgrid centers on advancing secure, cloud-like connectivity across modern digital environments, ensuring frictionless integration between public cloud, data center, and on-premise resources. His background in high-performance network design and distributed security shapes Trustgrid’s commitment to eliminating complexity in deploying, monitoring, and supporting thousands of application connections. He is also an inventor, with patents for secure network technologies and is recognized as a strategic leader with a rare blend of deep technical expertise and business insight .
About Steven Stites
Steven is a passionate technology executive and product architect based in Austin, Texas. His approach emphasizes pragmatic problem-solving, strong team leadership, and client advocacy, helping organizations leverage networking and security innovations to enable secure, scalable applications. He is highly regarded for his ability to clarify complex technical challenges, mentor teams, and deliver solutions that balance technical excellence with cost efficiency. Steven is deeply interested in machine learning, cloud security, and agile product development.
Connect with Steven
https://www.linkedin.com/in/srstites/
Or
Contact him at trustgrid.io