Access Restrictions. Darryl E. Gennie. Dr. Jodine Burchell

Confidentiality is the protection of information from unauthorized access. This is the assurance that information provided has not been made known to unauthorized persons, processes or devices. The application of this security service suggests information labeling and need-to-know imperatives are core aspects of the system security policy. Information, in today’s world, has value and everyone has information they wish to keep secret. Information such as credit card details, trade secrets, personal information, government documents, and many more. It was stated (Securitas Operandi™, 2008) that, we are bound to keep many secrets – corporate, staff, and personal secrets. We must keep this confidential information under wraps and earn the trust of employers, colleagues, and regulators every day. Mechanisms to enforce this include cryptography, which is, encrypting and decrypting data, access controls such as

In the document is also said that even when people have money in that bank people would go to the bank and go get their money since that bank was going to be a failed and it also said that after their failure the repressive effect on the spending of its clients. They couldn’t do anything to help the bank to crash even though they will all be crashed any day.

The article starts by giving the example of Wells Fargo recent problems of protecting client information. In the case of Wells Fargo, employees where using private client information to open credit card and savings accounts without their clients knowing about the accounts. The article explains things that an individual can do to help prevent this type of activity in the future. “Use technology to your advantage” (White). How checking of your credit report and recognizing what abnormal activity on your bank accounts help protect your personal information.

Bank of America is a multinational banking institute and one of the most trusted in the banking industry. This organizations sole purpose is to protect the customer’s confidentiality and assets by ensuring that data protection is the number one priority; however any organization when holding personal information can be a victim of data breach and BoA is not exempt. One of the largest risks BoA faces today is Mobile Banking. This consumer convenience is used by fifty percent of smart phone owners (Finney, 2014). Phishing is also threat to the banking industry; this strategy by hackers allows the extraction of consumer passwords and other sensitive information. Hackers targeting banking institution employees with convincing e-mails that fool them into clicking on malicious links-which ultimately compromise their credentials or

With the advance technology, banking has become a 24 hours a day and seven days a week ability. Not too long ago banks were only open from 9:00am to 3:00pm, workers and businesses rushing to get to the bank before they close. Paychecks were handed out personally not direct deposit, cashing or depositing a paycheck entailed a trip to the bank. Now most companies have direct deposit and the printed paycheck is becoming a thing of the past, this is only one example of how technology in banking has changed in society. The electronic banking (e-banking) can be described as the automated method of new and traditional banking services which reduce cost, and simplify front and backend process satisfying customers.

Financial institutions work with a large amount of data, often sensitive information. The computer software banks use are quite complex, which makes them a target for fraud and

If local branch employees are monitored accessing or causing damage to bank property and as a result are in violations of policy, they will be terminated, legal action will be pursued, and the that local branch will be put on probation for 6 to 12 months. Other industries may allow for these issues to go unnoticed but since the Great Recession mitigating fraud/cybersecurity (up to 18%) and and managing compliance (up to 29%) have reached highs as financial institutions struggle to combat these challenges. (Pilcher)

o Technology: In a technology driven world, it is important that banks in the industry ‘move with the time’. With respect to the big four, these banks have now introduced internet and cell phone banking as well as banking from the ATM; making the industry highly competitive. This technology aims to make banking for the client simple and accessible from anywhere. This new technology is aimed, once again, at the medium to high-income earning clients, who have access to these technologies.

Customer always have twenty-four-hour and seven days access to the bank website. They can easily access to the account to make payment, to transfer fund, to check their account balance when the bank is not in the operation hour.

Financial institutions, such as banks, are very susceptible to cybercrimes. Weaknesses throughout the security system leave the banks vulnerable regardless of the strength of the security measures. There are many threats and risks to banking institutions with some of the most common being malware, botnets, and DDoS attacks, as well as phishing and skimming. Inside attacks are also a threat to the security of banks as is customer fraud, also referred to as first-party fraud. Strengthening the security structure of banks and other financial institutions can be done by performing risk assessments and putting security programs in place where they will do the most good.

After the assessment and audit carried out on the protocol of operations of Bank Solutions, we identified uncontrolled access to event logs as one of the biggest security threat factor the institution is currently faced with. It goes without saying that as a result of this phenomenon, the institution’s information is at a great risk of alteration and even access by external entities. As a result, consumer protection is far from being guaranteed, as well as privacy policy being highly compromised. Some of the power users have access to event logs whereby they have administrative privileges of making changes to the captured information, majorly transactions information, putting into consideration that the power users are in a position to also change their own event logs. There is no guarantee of the trustworthiness and credibility of the power users, hence a precautionary measure has to be taken in order to cover this gap and enhance information security and privacy policy for the consumers.

Management of the bank does not share information and knowledge openly within the organization. Communication is rarely encouraged in this organization. Senior managers and managers do not

‘When, however, a bank ... goes further and advises on more general matters relevant to the wisdom of the transaction, indicates that it may, not necessarily obliged to, be crossing the line into the area of confidentiality so that the court may then have to examine all the facts including, of course, the history leading up to the transaction, to determine whether or not that line has, been crossed’

(Joseph; Stone, 2003) have said that the internet deals with a huge number of various financial transactions like customer payments, securities transactions applications for insurance acquisitions or loans. The result of the intention of the internet is to be an open network which means a high security risks are implicated with financial transactions. Today, different techniques and standards are presented in order to control these risks. Basic requirements are as follows: customer and financial institution have to trust each other; private data have to be encoded. No third party can be able to quickly get access to the private information such as financial transactions; It necessary to be guaranteed that the receiver and the sender have the same intentions. Gautam and Khare (2014) also reference about security issues in online banking by saying “Security violation can be categorized as Violation with serious criminal intention, Violation by 'casual hackers ' or Flaws in systems design and/ or set up leading to a security violation. E-banking system users still face the security risks with unauthorized access” (Gautam and Khare, 2014). (Mohammad, 2008) has a study about the emerging gap between banks’ expectations (or at least what their written customer policy agreements imply) and users’ actions related to the security requirements of online banking, the study discussed the issue about using online banking

Every bank will have to get the permission of the Reserve Bank before it can open a new branch. Each scheduled bank must send a weekly return to the Reserve Bank showing, in detail, its assets and liabilities. This power of the Bank to call for information is also intended to give it effective control of the credit system. The Reserve Bank has also the power to inspect the accounts of any commercial bank.