Data breaches have always been a sensitive topic, all the more so when the breach involves banking. Recently, a breach was discovered in the online banking system of a bank that competes with First Union Bank, and the hacker stole large quantities of customers' personal information and data. This has been an alarm for all banks, and it reminds the whole of society to be alert to the damage a data breach can cause. The Chief Information Officer of First Union Bank is aware of how much it would cost the bank if we do not adopt measures to avoid similar attacks, so he has requested a security plan from the IT Department. This plan aims to protect First Union Bank from this type of incident, in which the attack targets the database. With this plan, the bank can protect customers' personal information and the database as much as possible. It can also help the bank minimize losses.

Background:
The Security Policy of First Union Bank is inadequate in terms of intrusion prevention and detection, so the Bank steering committee has issued an instruction about it. Later, a compromise was found in the important system used for nightly ACH funds transfer. In addition, some of the normal transfer files are missing, and the system identifies our most trusted administrator as a user without normal write privileges when he tries to log into this application, which uses Kerberos as its protocol. Since this important application has been broken into, Kerberos can no longer be fully trusted. Solutions must be implemented to make sure that Kerberos will not be compromised again. There is another fact about the attack: LoanWrite, a loan-taking program that runs on iPad tablets and is used by the Bank's loan officer team, has been compromised. All the loan officers have had their data and their access to the application stolen by the hackers.

Plan:
First, it is necessary to explain why the Bank Security Policy is inadequate. To begin with, it specifies a timeout of a minimum of 15 minutes before systems log the user out and require the user to log in again. Fifteen minutes is too long to wait before a system logs the user out automatically. Usually, if a user leaves a system logged in for more than 5 minutes without operating it, the user must be using other resources to assist with the work. Basically, it is not safe to keep the system logged in once the work is done. It gives hackers a chance to find a gap through which to break into the system.

When employees want to share computer-resident data, they should not use electronic mail, groupware databases, public directories on local area network servers, or the other mechanisms that the policy recommends. This is because it sometimes takes much longer than people realize to discover viruses that have already broken into the system. Once an employee sends an infected file to another person, there is a much greater chance that other users will be infected. Also, data transferred by e-mail or other such mechanisms could be intercepted by a hacker, endangering the bank through loss of the data.

One provision of the policy says that First Union Bank may purge e-mail messages for technical reasons. The bank has the right to delete or retain any or all electronic files, including the e-mail, of a former First Union Bank employee, that is, an employee who is no longer employed by the bank. This provision is dangerous for the bank in two ways. It could give hackers the chance to destroy the evidence of hacking the system, and it also makes tracking hard.

Also, the policy mentions appropriate reporting, including the reporting of abuse, policy violations and suspicious activities. Yet although it mentions the responsibility for reporting, it does not mention other practices that should also be carried out during security incident management.
Such as when defining the routines, it needs...