logo

SIT719.3 Keeping Data Private | Deakin University

   

Added on  2020-02-18

12 Pages2766 Words94 Views
Running Head: ASSESSMENT 2- KEEPING DATA PRIVATE1ASSESSMENT 2- KEEPING DATA PRIVATE
SIT719.3 Keeping Data Private | Deakin University_1
ASSESSMENT 2- KEEPING DATA PRIVATE2Table of ContentsExecutive Summary.........................................................................................................................3Technology Solution........................................................................................................................3Organizational Change....................................................................................................................7Conclusion.......................................................................................................................................9References......................................................................................................................................10
SIT719.3 Keeping Data Private | Deakin University_2
ASSESSMENT 2- KEEPING DATA PRIVATE3Executive SummaryEnsuring confidentially, integrity and authenticity of the data is the main goal of anybusiness organization. Organizations like banks hold vital data which consist of customerfinancial information, customer personal information, history of financial transaction and otherorganizational employee data. Cyber-attacks, frauds, and hacking are the major threats to thisdata and hackers put in continuous effort to compromise these data to get financial gains. Thus,the banks need to employ a strong technology based solutions in order to ensure the security andprivacy of the data. In this report, a defense in depth security solution is recommended for thebank which provides the security in a layered manner making it more effective. The technologysolution segments the banking network and makes use of devices like Unified ThreatManagement appliances, Fraud detection systems, Network Access control and Networkanalyzers to ensure that the banking network is safe and secure from these kinds of attacks.Employing these technology solutions requires changes in the organizational process and thusrequires changes in the organizational policy and employee training. This report explores allthese aspects in more detail. Technology SolutionAn essential entity that keeps organizations like banks to be functional is its data. Thebanks hold huge data of customers which comprise of the financial information of customers,their personal details, their financial transactions, etc. it is thus necessary to ensure security,privacy, and confidentiality of this data. Since this data contains vital financial information it isunder continuous threat coming from both internal as well as external sources. Some of them are
SIT719.3 Keeping Data Private | Deakin University_3
ASSESSMENT 2- KEEPING DATA PRIVATE4the cyber based attacks, hacking of the data for carrying out frauds, ATM Skimming, phishing,spoofing, etc. Banks need to prepare themselves to counter such attacks and save themselves andtheir customer’s money from being dragged into miscreant’s accounts. The security solutionrecommended to the Common Wealth Bank thus is to apply the defense in depth approach tosecuring the data and the entire premises (Andress, 2014).The defense in depth strategy providessecurity solutions in a layered framework manner. If one layer of the defense is compromisedthen the other layers of defense hopefully prevent the full attack on the database. The mainaspects to look upon are using the defense in depth security framework are the technologysolutions, the people, and the operations. This section explains the main technology solution andtheir impacts on the security and privacy of the data of the bank. The network of the entire bank is to be segmented into various segments. The Webservers, the email servers, the data servers are more vulnerable to cyber-attacks and thus theseservers must be on a private network with communication restricted to some internal as well asexternal hosts. This form of isolation is accomplished by creating a subnet known asDemilitarized Zone (Harkins, 2016). Thus, DMZ network and Private network are in isolation afirewall or an intrusion detection system can be placed before them to monitor the traffic. Suchconfinement by the DMZ prevents the network from email spoofing, phishing, flooding anddenial of service attacks (Hanafizadeh, 2014).Instead of selecting firewall or an intrusion detection system before a DMZ it isrecommended to make use of unified threat management system which is a standalone appliancewhich combines firewall, IDS/IPS, VPN, email and web filtering systems into one single device.Such UTM shall provide choke points for the traffic entering and exiting from the network andthus the traffic can be monitored for any kind of active attacks. The firewall shall provide the
SIT719.3 Keeping Data Private | Deakin University_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
JP Morgan Data Breach
|5
|722
|96

Security Management
|11
|2837
|284

Cyber Security Article 2022
|5
|1172
|24

Status of Network Security - What Works and Does not Work and Why | Report
|17
|4184
|44

Ransomware & Malware
|5
|581
|276

Big Data Privacy: Balancing Personalization and Privacy
|19
|4957
|121