90 likes | 197 Views
Technology Security Risk Management. Technology Security Risks. 1. Data Confidentiality risk 2. System Integrity risk 3. System Availability risk 4. Customer & Transaction Authenticity risk 5. Customer Protection risk. 1. Data Confidentiality.
E N D
Technology SecurityRisks • 1. Data Confidentiality risk • 2. System Integrity risk • 3. System Availability risk • 4. Customer & Transaction Authenticity risk • 5. Customer Protection risk
1. Data Confidentiality • 1. Protection of sensitive information from unauthorized eyes & allowing authorized access only. • 2. Bank’s on line system should a level of encription appropriate to the type & extent of the risk.
2. System Integrity • 1. Accuracy, Reliability & Completeness of information Processed, Stored or Transmitted, between the Bank & its Customer. • 2. Bank should install Monitoring or Surveillance system that would alert to any erratic system activities or unusual online transactions.
3. System Availability • 1. High level of system availability is required for maintaining public confidence. 24x365 • 2. Adequte Capacity • 3. Reliable Performance • 4. Fast Responde Time • 5. Scaleability • 6. Recoverability Capability
4. Customer & Transaction Authenticity • 1. Cryptographic technologies should be used. • 2. a)User ID b)PINc)One-Time Password OTP d)Dynamis Access Code e)Digital Signature • 3. Customer Verification by a)what customer knows b)what customer has c)whatcutomer is given, one-time password d)who customer is Biometrics
5. Customer Protection • 1. Bank must ensure that the customer is properly identified & authenticated before access to customer information & allowing for transactions from accounts. • 2. Two-Factor Authentication technology should be used a) knowledge factor b) possession factor c) inherence factor