siliconindia logo
CIO City >>  Expert  >>  

Santosh Neeraj

"The need for security assurance is always on increasing demand with no environment working in isolation"

 

Use and Implementation of Cloud in business
Banks are moving towards virtualization environment, which is first step toward Cloud deployment. It is possible for a banking environment to go on a private cloud but not on a public. Cloud environment by large yet to mature enough to satisfy the security of any financial environment. Cloud environment always brings Cost efficiency to business and are easy to deploy. Though, it also includes legal and security issues as the cloud service provider may provide service from one country while the clients may be anywhere in the world. Regulatory and security compliance is a real challenge under Public cloud environment for any financial institution.

Building an effective DLP program
Normally internet access in not required in the banking environment as all the applications are within the closed environment itself. There should not be any local internet access at branch level, rather only centralized internet gateway for entire organization. We need to ensure end point security in environment. DLP can be put across centralized e-mail and internet gateway of the organization to track file transfer in/out from organization. Rather than implementing DLP security in every end system we go about doing it in the central environment. The servers are generally hosted at the central data center which can be accessed by client branches. All business information in Core Banking System environment lies centrally at data center and can be leaked by sharing through corporate internet and e-mail. DLP can be implemented at these gateways and end point security is ensured at the closure points. The branch environment security can be ensured by implementing centralized Active Directory/LDAP along with end point security at end system to ensure no unauthorized access. The most important aspect is to ensure proper access controls policy for end user systems.

Ensuring Social Media as an asset for business
Despite its pros and cons, social media provides an easy and cheap platform for marketing and campaign with a huge number of people across the globe are connected to it. Social Medias offer a neutral platform for any organization providing wide reachability overcoming language and cultural barriers. Unlike TV commercial, interactions are instantaneous and feedbacks can collected in no time.

Maximizing the cost efficiency for information security
The need for security assurance is always on an increasing demand with no environment working in isolation and even increases more when it comes to cloud. The booming mobile technology has also brought in new threats and concerns regarding effective implementation of security on these products. Even if organizations purchase security products, the major challenge lies in its effective deployment.

Mobile devices to minimize threat, loss and risk
The vulnerability which once existed on a computer is now transferred to mobile devices. Most of the smartphone users do not know how to secure their devices, in turn offering hackers a ground for processing malicious activities. Security features implemented in mobile devices are not considered well enough for banking and transactional purposes.