"Building an effective DLP programme is based on data discovery, data classification, and data leakage points"

Use and Implementation of Cloud in business
As bank we don’t have a policy to say no to the cloud, but there has to be a business prospect to use it. Once the business prospect is identified, we follow the regulatory requirements set by the RBI and our own internal security requirements to examine security of the cloud; finally it will be put forth before different board approvals of the bank before adoption.

Building an effective DLP programme
Building an effective DLP programme is based on data discovery, data classification, and data leakage points. So a DLP programme with these appropriate controls will give you real operational value.

Ensuring Social Media as an asset for business
Social media is new tool. It comes with its own set of pros and cons. So we constantly work to ensure that it is used appropriately. We are currently using social media for customer engagement only and not for transaction banking.

There are multiple potential threats involved in the use of social media. It can become a platform where cyber criminals may target the bank employees with fishing mails and other malicious software. We are educating our employees to conduct themselves in the social media so that they don’t become the targets.

Maximizing cost efficiency for information security
Maximizing cost efficiency and internal buying can both be answered if you are having a truly risk based approach and if you are able to put forth cost benefit analysis.

Mobile devices to minimize threat, loss and risk
To minimize threat, loss and overall risk when it comes to mobility in banking we have recently launched an app for iOS platform. We ensured that the total architecture of the app goes in hand with banking standards and pass required security tests. We will be coming up with similar app for other popular mobile platforms like Android and Windows Phone.