Delivery in day(s): 4
ITC595 Information Security Paper Editing and Proof Reading Services
In recent times it can be stated that the different types of technology are playing a very vital role in the sector of the involvement of the framework of the working of the network technology. The sector of implementation of each of the technological aspect can be seen in more than one area so that there can be different types of benefit which can be achieved from the implementation sector. In most of the times it can be stated that security of the data can be stated to be very much important due to the factor that it directly impacts the sector of the operation which would be included into the concept (Soomro, Shah and Ahmed 2016). The security aspect which would be involved into the concept can be stated to be one of the factors which play a crucial role.
The main focus point relating to the report would be to take into consideration a domain of the project and provide a critical analysis on the sector of the working. The domain which is taken into consideration is the sector of banking. This is majorly taken into consideration due to the factor that it is one of the domains which can be directly be linked with the aspect of the security of the data which is prevailing into the system.
Name of the organization chosen
The organization which is chosen in the sector of the report is the Bank of Queensland. The bank is located in Australia (Peters and Panayi 2016). The main reason behind the selection of the organization is that it directly involves different sector of working which is related to the concept of the operation in the banking sector. There are different factors which can be included into the concept of the working.
Stakeholder of the organization
In the working of the banking sector, it can be stated that there are different stakeholders involved in the internal as well as external working of the organization. The different stake holder with the main interest which is applicable in the sector of the operation are stated below:
Influence and power
Director and manager
Share options, Salary, satisfaction of the job and status.
Make direct decision relating to the working of the organization.
Banking and other Lenders
Principle and interest to be repaid, credit rating and maintain.
Can directly enforce loan covenants can withdraw the banking facility.
Wages and salary, security of the job, job satisfaction and directly motivation (Erbenova et al. 2016).
Industrial action, service quality and staff turnover.
Value which is related to money, customer service, availability of the product and quality of the product.
Repeat/revenue business word of mouth recommendation.
Tax receipts, operate legally and jobs.
Subsidies, planning, taxation and regulation
Local jobs, environment and local impact
Indirect via the concept of the opinion and planning.
Prompt payment, long term contract and growth of the purchase.
Quality, price and product availability.
Nature of business of the organization
The nature of business which is majorly conducted by any of the banking sector and the other non-financial institute is that the banking sector majorly provide financial service and banking service directly to the clients. The Bank of Queensland is considered as a financial institute which basically provides the fundamental concept of the banking service for example providing loans and deposit. It can be stated here that there are other non-banking organization in recent times which get engaged into the concept of the providing different types of banking service without getting into the legal definition of the bank (Bai, Krishnamurthy and Weymuller 2018). The Bank of Queensland can be considered as a subset which is related to the financial service industry. It can be stated that the sector of the financial intermediaries, the bank directly plays a rule of important as institute of national finance which is every step of life deal with human. The organization directly provides different types of options to the customer relating the services which can be easily be adopted by an organization. In the sector of the operation it can be stated that the working of the banking sector should be directly be intended for the point of view of the customers so that they can easily get engaged into the concept of the working of the technology. The nature of the business which is related to the concept can be seen in the sector of both domestic and international (Safa and Von Solms 2016) The main aspect which should be included into the working of the organization would be in the sector of the security of the data which would be directly prevailing into the system.
Strategic security policy
The security policy in the working of the banking sector can be stated as one of the primary factor which should be taken into consideration. Some of the strategic security policy which should be implemented within the working in the banking sector are stated below:
1. The data of the customer should be protected so that they can easily save their personal data into the system of the bank (Lee et al., 2017). It can be stated that privacy aspect should be included into the working of the bank sector due to the involvement of crucial
2. It should be taken into consideration that the management of the data and the sector of the identification of data can be stated to be very much important in the sector of the implantation of the technique.
3. The confidentiality of the data should be taken into consideration so that the concept of integrity is involved into the concept of the working of the data.
4. Advise and assist user in the sector of the evaluation of the different factor of risk so that they can be implementation of the sector of the choosing of the appropriate working related to the concept.
5. The policy should be ensuring the aspect of the information security and the importance of their direct involvement.
Taking into consideration the aspect of the transaction it can be stated that there are different levels of policy which can be included into the concept and knowledge(Siponen, Mahmood and Pahnila 2014). In this case it can be stated that the concepts which is related to the approach can be stated to be working in a predefined manner which would be directly indicating the sector of the operation which is involved into the concept.
Potential threat and vulnerability
In the bankingsectorit can be stated that there are different types of threats and vulnerability which can directly impact the overall performance of the banking sector. Some of the threats which are majorly seen in the concept are stated below:
1. Threats to data: It can be stated here that the data which prevails in the system can be stated to be very much crucial in the aspect of the customer. It may consist of data which are personal including the email, user name and password (Peltier 2016). These data if goes into the hand of intruder can be stated as very much be a problem which alter the factor of data integrity of the data. The data would be very much secured from intruder activity due to the factor that it directly involves the aspect of the controlling of the data.
2. Control access of the data:It should be a concern area to check who is directly in control of the data. It must be taken into consideration that who has the direct access to the data which is stored in the system. In most of the cases it can be seen that there is different person who can directly access the data which can be related to the aspect of the removing the security implications which are inbuilt into the sector. It should be taken into consideration that only authorized user would be given the permission to directly access the data which is saved in the sector.
3. Misuse of data: It can be stated here that the misuse of the data can be stated to be very much important in the sector of the working of the technology. There are major functions which can be related to the concept which should be taken into consideration. As stated in the recent Forrester research that a great volume of data is in the sector of breach due to the factor of involvement of the employee inadvertently misusing the direct data.
Mitigation of threat and vulnerability
Standard of working
The organization which is taken into consideration which is the Bank of Queensland imposes strictest standard relating to the working. One of the factor of implementation which is done in the sector is the 128-bit system encryption which is the highest level of security which can be imposed. The aspect of providing a secured password can be stated to be one of the most primary factor which is related to the working of the concept. The password should always have a combination which cannot be retrieved by any person especially the intruders. Few of the points which can be stated in context of the password setting are stated below:
Changing of the spelling of few words.
1. Join different words together which would be involving some complication in the password.
2. Use of character which are not usual implemented.
Implementation of scanner
Implementation of scanner which is related to the data which is being processed should be included into the working of the banking sector. This would be beneficial in the sector of the restricting the entry point of the data. This majorly means that the access point which is related to the interaction of the system with the customers so that customer can enjoy different types of services related to financial aspect.
Implementation of Firewall
The implementation of the firewall can be stated to be another control mechanism which can be focused which would be directly altering the data which is present in the system. The control aspect is implemented by a manner in which the packets would be checked before it is allowed to be saved into the concept of the technology or the sector. In most of the sector it can be stated that the quality of data which would be existing in the system should be taken care of so that the system would be very much safe in the sector of the operation which is involved into the concept.
Monitoring of the system
The sector of monitoring of the system can be stated as one of the factor which can be used in the sector of the detection of any abnormal activity in the concept of the system. The monitoring would be beneficial in the sector of the early detection of the different threats which can be seen in the sector (Fuller 2016). The early detection of the threat can be beneficial in the sector of implementing a mitigation plan which is related to the concept so that it does not impact the overall working of the system.
The report can be concluded on a note that in the domain of banking it can be stated that the security of the data is one of the most important factor which should be focused upon. The serious sector which is related to the concept can be on the sector of the mitigation of the different issues which are seen in the sector of the working with the crucial information. There is different standard which is related to the concept of the operation which can be included into the concept which are widely discussed.
1. Bai, J., Krishnamurthy, A. and Weymuller, C.H., 2018. Measuring liquidity mismatch in the banking sector. The Journal of Finance, 73(1), pp.51-93.
2. Bauer, S. and Bernroider, E.W., 2017. From information security awareness to reasoned compliant action: analyzing information security policy compliance in a large banking organization. ACM SIGMIS Database: the DATABASE for Advances in Information Systems, 48(3), pp.44-68.
3. Dehling, T., Gao, F., Schneider, S. and Sunyaev, A., 2015. Exploring the far side of mobile health: information security and privacy of mobile health apps on iOS and Android. JMIR mHealth and uHealth, 3(1).
4. Erbenova, M.M., Liu, M.Y., Kyriakos-Saad, M.N., Mejia, A.L., Gasha, J.G., Mathias, M.E., Norat, M.M., Fernando, M.F. and Almeida, M.Y., 2016. The withdrawal of correspondent banking relationships: a case for policy action. International Monetary Fund.
5. Fuller, G.W., 2016. Introduction. In The Great Debt Transformation (pp. 1-24). Palgrave Macmillan, New York.
6. Kudakwashe, L., Rumbidzai, I.C., Keith, C., Gift, M. and Kaseke, N., 2016. Challenges faced by the Banking Sector in tapping the untapped Informal Sector Market in Zimbabwe. International Journal of Marketing and Technology, 6(9), pp.21-38.
7. Lee, J., Yoo, B., Lee, H., Cha, G.D., Lee, H.S., Cho, Y., Kim, S.Y., Seo, H., Lee, W., Son, D. and Kang, M., 2017. Ultra?wideband multi?Dye?sensitized upconverting nanoparticles for information security application. Advanced Materials, 29(1), p.1603169.
8. Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications.
9. Peters, G.W. and Panayi, E., 2016. Understanding modern banking ledgers through blockchain technologies: Future of transaction processing and smart contracts on the internet of money. In Banking Beyond Banks and Money (pp. 239-278). Springer, Cham.
10. Safa, N.S. and Von Solms, R., 2016. An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, pp.442-451.
11. Scarlett, L. and Boyd, J., 2015. Ecosystem services and resource management: institutional issues, challenges, and opportunities in the public sector. Ecological Economics Growth, 115, pp.3-10.
12. Siponen, M., Mahmood, M.A. and Pahnila, S., 2014. Employees’ adherence to information security policies: An exploratory field study. Information & management, 51(2), pp.217-224.
13. Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016. Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), pp.215-225.
14. Tuna, G., Kogias, D.G., Gungor, V.C., Gezer, C., Ta?k?n, E. and Ayday, E., 2017. A survey on information security threats and solutions for Machine to Machine (M2M) communications. Journal of Parallel and Distributed Computing, 109, pp.142-154