
Running head: SECURED COMMUNICATION IN BANKING NETWORK 1


Secured Communication in Banking Network and Benefits

Narahari Krishna Galla

University of the Cumberlands

Author Note

Narahari Krishna Galla, University of the Cumberlands, Kentucky. You are hereby granted permission to use this document for learning and research purposes.


Abstract

In the modern world, security is a major concern for most industries. Banking is one of them: banks hold the personal and confidential information of individuals, and any data breach has a huge impact. Because attacks can come through many different routes, banks cannot rely on one-time security audits or environment checks. A mechanism called layered security should be implemented to detect threats at an early stage, with a built-in mechanism that can categorize attacks and respond quickly. With layered security, we investigate the network traffic and identify the areas that are vulnerable (Ashton, 2018). This gives a clear picture of the system and highlights exactly what is happening in the network. This article describes the different layers that should be used to safeguard data, taking into account the dependencies and the resources available in the system. Multi-layer authentication and encryption techniques are used to protect sensitive data.

Keywords: Layered security, safeguard, encryption

Secured Communication in Banking Network and Benefits

End-to-end protection of the system, with multiple layers of protection, security devices, firewalls, authentication and process controls, can be grouped into a single layered architecture. By doing this we can ensure there is more scrutiny on the entire IT stack, which includes all applications in the system. The diagram below depicts the various levels of the system, how data can be securely accessed, and how phishing and malware can be detected and blocked.

Training & Awareness for Employees

All employees should be given adequate training so that they can identify threats and deal with them. Security awareness sessions should be mandatory when employees join the organization. These sessions should be conducted frequently so that everyone is up to date with the current trending methodologies. Griffith (2017) states that we can stage a mock attack and analyze how employees would react and respond if it were real. This way we can identify the behavior of each individual. Once they become expert in tackling such issues, the risks are reduced.

Network Security & Encryption

Several information security technologies let you analyze and examine network traffic and find areas of weakness. This gives you perspective on your network and helps you recognize any issues or risk areas as soon as possible. IPS, firewall and active monitoring are part of this layer. Data can be encrypted, and incoming data can be compared against the data that is at rest (Reeves, 2014). This information enables you to identify threats and track them throughout your network. All hardware disks will be encrypted using hardware-based encryption.

Logical Security & Log, Monitor and Alert

This is the most important layer, where access and authentication are scrutinized most closely. Instead of traditional single sign-on, we can use multi-factor authentication and also set up the level of access. Security Information and Event Management (SIEM) is an application that provides a unified view of all network data. SIEM combines all logs and gives a clear picture of what is happening in your network.

Application Security

Internet access is provided to all workstations. Each individual has to register on the RSA secure platform, where a soft token is generated every 1 min. When clients want to log in, they first need to enter their credentials to unlock the system. Then, to access the network, they have to provide the user ID and password along with the key generated through RSA SecurID. An Intrusion Protection System (IPS) can quickly detect and report any mismatch, and after 3 incorrect logins the system will be locked. TLS can be used to transfer emails more securely because of its stronger encryption mechanism, and digital signatures can also be assigned to them. This allows only authorized persons to access the emails. Email gateways can be enabled so that private and confidential data cannot be stolen.
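The network-login step described above (user ID, password and a soft token that changes every minute, with a lock after 3 incorrect logins) can be sketched as follows. This is an added example, not code from the paper or from RSA: the token is computed with standard RFC 6238 TOTP as a stand-in for the vendor's algorithm, and `LoginGate`, `hash_password` and the user record layout are hypothetical names.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # token changes every minute, as described above
MAX_FAILURES = 3    # lock after 3 incorrect logins, as described above


def soft_token(secret: bytes, now: float, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1); an assumed stand-in for the vendor algorithm."""
    counter = int(now // STEP_SECONDS)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation, RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class LoginGate:
    """Hypothetical network-login check: user ID + password + soft token."""

    def __init__(self, users: dict):
        self.users = users        # user_id -> (salt, password_hash, token_secret)
        self.failures = {}        # user_id -> consecutive failed attempts
        self.locked = set()

    def login(self, user_id: str, password: str, token: str, now: float) -> str:
        if user_id in self.locked:
            return "locked"
        ok = False
        record = self.users.get(user_id)
        if record is not None:
            salt, pw_hash, secret = record
            # Evaluate both factors with constant-time comparisons so the
            # response does not reveal which one was wrong.
            pw_ok = hmac.compare_digest(hash_password(password, salt), pw_hash)
            expected = soft_token(secret, now).encode()
            tok_ok = hmac.compare_digest(token.encode(), expected)
            ok = pw_ok and tok_ok
        if ok:
            self.failures.pop(user_id, None)
            return "granted"
        self.failures[user_id] = self.failures.get(user_id, 0) + 1
        if self.failures[user_id] >= MAX_FAILURES:
            self.locked.add(user_id)   # point at which an alert would be raised
            return "locked"
        return "denied"
```

A production verifier would also reject a token that has already been used within its window and allow for small clock drift between client and server.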

Database Security

Data security should be in place, and Data Loss Prevention (DLP) solutions should be used to monitor and protect extremely sensitive data on the network. Since the data is already encrypted, it should also follow the GDPR, depending on the location where the server is hosted. A Database Firewall (DBF) and database active monitoring can be deployed at the server level to track all the events that occur.

Conclusion

Even after implementing the best techniques on the market, there is still a chance that hackers can access and steal confidential data. It is always suggested to update the security mechanisms on a regular basis, and they should all follow the regulations and be in compliance. By implementing the layered security mechanism, the extent of attacks can be reduced, and different kinds of threats can be categorized and analyzed. This will help in drafting new methods to keep intruders out.

References

Ashton, D. (2018, December 10). Why Layered Security is the Best for Enterprises. Retrieved from https://www.riministreet.com/blog/why-layered-security-is-the-best-for-enterprises

Griffith, R. (2017, October 23). 5 Cybersecurity Solutions To Benefit Your Bank. Retrieved from https://www.aureon.com/services/it-management/network/security/5-cybersecurity-solutions-to-benefit-your-bank/

Reeves, M. (2014, February 10). Top 5 Security Practices for Financial Institutions to Defeat Online Identity Attacks. Retrieved from https://www.entrustdatacard.com/blog/2014/february/top-5-security-practices-for-financial-institutions-to-defeat-online-identity-attacks