The Cyber Security of the Bank

Technology 07 Sep 2019

Information technology has now become a priority for organizations around the world, and banks are especially targeted by hackers. Banks in the Asia-Pacific region are targeted even more, because information technology is very expensive to protect and most banks in the region have not invested in it.

Any organization whose information technology is not secure will suffer both financial loss and a loss of credibility with investors and customers. Information leakage can lead to huge fines from regulatory bodies, and even to the elimination of the organization itself. One example is the US consumer credit reporting agency Equifax, which was fined US$575 million for failing to secure customer data.

To mitigate the increased risk, the security of information technology at banks, government and non-government offices, and large business houses needs to be addressed. Information technology systems can be secured by adopting the following techniques and measures:

Patching Cycle:

Any technology used in the organization must be kept up to date. It should be regularly upgraded through patches or updates to the system in use. For example, Microsoft releases Windows software updates on the second Tuesday of every month. Microsoft Windows users can avoid many kinds of risks and viruses by updating their desktops, servers, ATMs, etc. monthly. Updates are also needed for other components, such as VMware, third-party software, networking equipment, and other information technology tools.

Firewall:

The firewall gives access only to the required information on any system. Because of this, nothing new or untrusted will get into the system. There must be at least two levels of firewall. The first protects against traffic from the outside, while the second protects the internal traffic.

Antivirus:

Antivirus is the means to fight against any virus that attacks the system. It works to detect and remove any viruses or malware that may have spread to the system.

Zero-Day Security:

There is no fixed security system for zero-day risk. This type of attack is carried out by malware released on the same day. This requires the use of zero-day security technology to secure email, the network, etc.

Email Security:

Email is the main source of viruses, spyware, malware, etc. Hackers can target system users with various phishing and spam links. That is why securing the email gateway is very important. Email gateways can provide protections such as adaptive email security, automated detection and sanitization, anti-spam and anti-phishing, and virus scanning.

Risk Management:

Risk can be minimized and managed by keeping the information and data of the organization in different groups. Software and tools used in risk management, such as AlienVault Unified Security Management, Comodo HackerProof, and Tripwire IP360, scan the system and generate a list of high, medium, or common risks.

Discontinuing use of unsupported software:

Hackers can easily attack any company using end-of-life and unsupported software and hardware. For example, Microsoft has ended support for Windows XP, with no patches or updates available. No such system should be used.

Dual authentication:

The dual (two-factor) authentication method must be used to access any critical server system. The second factor prevents unauthorized access even if the password is compromised. For example, a code can be sent to the user's mobile phone or email after the password is entered, or the RSA security method can be used.

Classification of data:

Data is the most important asset for any organization. It can be the organization's own data or customer data. First of all, the data needs to be grouped as confidential, restricted, or public. The data collected, such as credit card numbers, passwords, financial transactions, etc., must be grouped separately through various software. If anyone tries to print that data, send it by email, copy it to a pen drive, or upload it over the Internet via FTP/HTTP, the data leakage prevention (DLP) software can raise an alert. Using DLP technology can prevent leakage of information by employees of the organization. For this, Forcepoint DLP Solution, Symantec DLP Solution, Check Point DLP Solution, etc. can be used.
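The detection step described above can be sketched as follows. This is an added example, not code from the article or from any of the DLP products it names: the channel names, the regular expressions and the alert fields are assumptions, and the sample message is constructed.

```python
import re

# Candidate card numbers: 13 to 19 digits, optionally split by spaces or hyphens.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
PASSWORD_RE = re.compile(r"(?i)\bpassword\s*[:=]\s*\S+")
# Hypothetical channel names for the exit paths listed in the text above.
MONITORED = {"print", "email", "usb", "ftp", "http"}

def luhn_ok(digits):
    """Luhn checksum: filters out digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan_outbound(channel, text):
    """Return alerts for confidential data; raw values are never echoed back."""
    if channel not in MONITORED:
        return []
    alerts = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            alerts.append({"channel": channel, "type": "card_number",
                           "class": "confidential",
                           "evidence": "*" * (len(digits) - 4) + digits[-4:]})
    for _ in PASSWORD_RE.finditer(text):
        alerts.append({"channel": channel, "type": "password",
                       "class": "confidential", "evidence": "[redacted]"})
    return alerts

# Constructed sample: a test card number, a 16-digit invoice number that
# fails the Luhn check, and a password in clear text.
SAMPLE = ("Customer card 4111 1111 1111 1111, invoice 1234567890123456, "
          "password: Hunter2!")

if __name__ == "__main__":
    for alert in scan_outbound("email", SAMPLE):
        print(alert)
```

The Luhn check is what keeps the invoice number from raising a false alert, which matters when the rule runs over every outgoing message.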

Data encryption:

Within the different groups, it is important to encrypt the information/data securely on the server so that it can be used only by the authorized person. Encryption can be done on an individual or collective basis. For example, when files are encrypted with a group key for use only by information technology employees, those files cannot be opened or used by anyone other than those employees.

FIM and SIEM:

FIM (File Integrity Monitoring) logs and records all changes made to the file system. Through this, core operating system files, program components, system configuration, etc. can be protected. It also helps to prevent abuse by the staff concerned. Similarly, audit logs and user records can be investigated through a SIEM (security information and event management). For example, if an employee has made an unauthorized change on the server of a banking system, the SIEM also keeps logs and video. The Netwrix monitoring system can be helpful.

Penetration Testing (unauthorized access check):

Unauthorized access to information systems should be checked monthly, quarterly, semiannually or annually. This is even more important for large companies. Doing so involves checking, under controlled conditions, whether the system is likely to be hacked. Weaknesses exposed by penetration testing carry a high risk of being hacked.

DDoS (Distributed Denial of Service):

In a DDoS attack, hackers can use multiple compromised systems to send excessive requests to the information system and bring it down. To avoid such attacks, DDoS security technologies like Cloudflare prevention solutions, F5 Networks, and Black Lotus should be used.

Privilege management:

Special rules should be made regarding the use of information systems to avoid risks from the organization's own employees (internal) and from other users. For example, the right to access the system can be given on the basis of the work and duties of the information system staff: giving a worker access only to the database they work on, and assigning specific read-only, read-write, or change-based access to networking devices. For high-security tasks (e.g. database changes, network changes, use of critical servers, etc.), a time-limited token system should be implemented and tracked.

HIPS (Host-Based Intrusion Prevention System):

HIPS helps diagnose problems by analyzing the system's database state, software records, and file changes.

MDM (Mobile Device Management) and VPN (Virtual Private Network):

Mobile devices and laptops provided by the company can be secured with the help of MDM. For example, high-level employees use email from their mobile phones, and MDM makes it secure. Policies such as remote wiping can be used to protect the data if a mobile device is stolen. With the use of VPNs, information systems staff and other employees can be remotely regulated and connected to the network. Because of this, vulnerable third-party software should not be used.

WAF (web application firewall):

Using a WAF can protect software that is used externally or by other software. For example, banking software can be secured with a WAF by enforcing various policies, such as prohibiting use from countries where there are no users, prohibiting use from high-risk countries, and disabling weak ciphers.

URL Filtering:

The Internet is the main means by which viruses, malware, etc. gain access to the company's network. This can be controlled through URL filtering on employees' Internet use. For example, blocking unauthorized websites, blocking file downloads based on file extension and type of website, etc.

Employee Knowledge:

The employees concerned should be informed at the outset about the risks and problems that may arise in the information system. Alertness should be raised in advance through training on the channels and causes of the risk.

Finally, there are many instances where hackers have breached even the most secure systems in the world. But the information system can be greatly protected by using the techniques mentioned above. Such technology is expensive, but compared with the value of the data of the company or organization, the investment or cost is minimal. Investing in the security of information systems will prove to be beneficial in order to avoid major financial losses in the future.

The writer, Sushil Karki, has worked for ten years in information technology in the banking sector at Arab Bank, Australia.