Co-Operative Bank IS Audit
Besides, the IT framework should be security compliant. The framework here includes networks, databases, servers, applications and end-user systems among others.
IT Infrastructure Should be Security Compliant:
Besides, the IT framework should be security compliant. The framework here includes networks, databases, servers, applications and end-user systems among others. Periodic reviews of the security of the bank’s infrastructure and assets are a must to find out vulnerabilities and security loopholes. Appropriate actions need to be taken by the SCBs to fill the security loopholes and get rid of vulnerabilities.
Banks are obviously a high-profile target. The data they gather about their customers – both individuals and businesses – is extremely valuable to hackers looking to carry out an easy phishing attack, for example. Because their data is so valuable, they have to be aware of the risks and ready to protect it.
The three most common insider threats are as follows:
- Modifying or stealing confidential or sensitive information for personal gain.
- Theft of trade secrets or customer identification to be used for business advantage
- Sabotage of an organization’s data, systems or network.
Inventory Management of Business IT Assets
Maintaining an updated business and IT Asset Inventory register is a must for every SCB. It should have information about the details of every IT asset, its criticality and systems which contain customer information, and classify it according to the sensitivity.
Preventing Access of Unauthorised Software
Every SCB should maintain an updated and if possible a centralized inventory of the authorized soft-ware. They should also have a mechanism in place to monitor and block the installation of unauthorized software. Even the web browser settings should be up-to-date, and internet usage should be restricted.
Network Management & Security
Perform a regular configuration check on all the network devices and change their passwords periodically with some complexity. Wireless networks, access points, wireless client access systems should also be secured.
Anti- Virus & Patch Management
There should be systems in place to monitor the status of the patches of servers, OS and software which the SCB officials are using. Even the anti-virus management is a must and should be centralized.
Secure Mail & Messaging Systems
It is important to secure email and messaging systems. SCB’s vendors’& partners email and the messaging system should also be secured. Even the email server specific controls should be implemented and well documented.
The use of removable devices should be prohibited in the banking domain unless authorized specifically. Even when authorized it should be scanned for malware, viruses and ensure erasure of data post use.
Why Xiarch ?
Xiarch is an ISO 9001:2015 | ISO 27001-2013 licensed Cyber Security Company and IT Services Company with solutions providers in Information Security like VAPT Services, Penetration Testing Services, Vulnerability Assessment Services, Among our consumers we proudly work for Government Organizations, Fortune one thousand Companies and countless start-up companies. We are additionally Value Added Partners, Authorized Re-sellers & Distributor of Leading Web Application Security Testing Tools.
We are headquartered in Delhi and have branch presence in Gurugram, Mumbai and Chennai - India
Interested in our Co-Operative Bank IS Audit?
IT'S EASY TO LOCATE US
New Delhi - Head Office
Xiarch Solutions Private Limited
- 352, 2nd Floor, Tarun, Outer Ring Road, Pitampura, New Delhi, Delhi 110034
- [email protected]