Paper Requirements: Banking account IndustryGroup Task:-Pick an industry for your overall 'theme' of your paper. Based upon this theme, each group member will research two articles that discuss a dat

IT Security Policy in the Banking Industry

University of the Cumberlands

INTRODUCTION

Information security problems are a big challenge to the banking industry players who their system are being compromised by hackers. Lives of people is being endangered by breach of privacy and security of their personally identifiable information as well as personally identifiable financial information. The attackers can use the PII to trace and attack the account owner. Also, an attacker can use the information to launch an identity theft. Thus, it is very important for security controls to be put in place to prevent such attacks as they can lead to loss of lives and property.

Outline statement

The paper explain the data breach that affect the workstation domain in the banking industry and how IT Infrastructure Security Policy can prevent such breach.

System application domain

1. Control standards

The companies that are in the banking industry should ensure all their workstations are password protected and all their workstations’ ports are disabled.

1. Baselines security standards

The operating systems that are being used in the computing device that are being used in the banking industry should have been tested extensively and all vulnerabilities eliminated.

1. Data processing and storage technology

The companies in the banking industry should be having active file filters in their workstations, which should delete any unknown file type that has been downloaded from the internet and prevent upload of files containing sensitive data.

1. Security issues associated with application and data

The challenges that companies in the banking industry are facing include unauthorized entities gaining access to workstation, unauthorized entities gaining access to systems, applications and data, vulnerabilities in the computing device’s operating system software, a user’s computing device being infected by malware, a user plugging in unauthorized removable device into the organization's computers, user downloading unauthorized items from the internet to the organization’s computers and users violation of Acceptable Use Policy.

Roles and responsibilities

1. Technology services that provides transmission of electronic data

The policies should be devised which aligns with the core objectives of the automobile industry in order to safeguards its name as well as create trust among its clients.

The policies should be aligned with the goals and objectives of the industry and should not oppose other data protection laws.

1. Segregation of data and voice networks

The data should be separated by their source domain.

Summary

1. Elements of infrastructure security policy

The elements of infrastructure security policy should be data and applications integrity, confidentiality, availability.

1. Best practices in creating and monitoring IT policies

The policies must be aimed at enhancing compliance with all government’s data protection policies.

Reference

O’Connor, A. (2010). Government policy, banks' strategies and the financial crisis: Contagion through interconnectedness. Vie & sciences de l'entreprise, 185-186(3), 59-75. doi:10.3917/vse.185.00