
The enemy within: who inside a bank poses the greatest threat to its security

Banki.ru: themes of the day 05.08.2018 at 21:00

Banking and financial news on the website Banki.ru

I worked for more than seven years in a bank as head of the security department, and in that time I compiled my own ranking of the threats posed by employees. So who is the most dangerous for the bank... inside the bank?

Managers: short on time and always busy

They are the most dangerous, because they have no time for security. This is true in any field, not just banking. Managers understand the importance of our work at the scale of the business, but in practice they ignore security rules: for example, they accept default privacy settings without reading them, or they use weak passwords. I knew a director who always used the same password, and when it had to be changed, he changed only the last digit. One can understand them: time is short and they are busy.

This is compounded by the fact that managers have the highest level of access to all company resources. Even if the boss does not use specialised corporate services and never touches the databases, he receives the most important distillate of the information once it has been analysed. For fraudsters, access to that is often more interesting than the database itself. Take the company's development strategy and plans: this is value of a different order, so the director is the default target.


The last aspect is mobility. Managers now rarely work from a fixed desk in the office; they are constantly on the move and use mobile devices. These devices hold a lot of sensitive information, and managers often neglect passwords and screen locks. In the end, the device may be forgotten in an airport lounge, and before the security department learns of it and can do anything, the information has had time to leak into the wrong hands.

What can the security department do when working with a manager? Establish contact and try to convey the importance of following the rules. It is difficult, time-consuming and not always possible, but necessary.

IT specialists: a file bomb with a delayed start

They take second place in the ranking of hazards. The critical point is that the entire corporate infrastructure is under these people's control. Technical specialists know more about security than others, but they can still make mistakes or fall victim to manipulation, and the price of such an error will be higher than that of an incident caused by a rank-and-file employee.

In my experience, the most common cause of problems with IT was simple negligence: someone forgot to update a system or to disable an account after an employee left. Sometimes such mistakes are costly. The human factor has not gone away either: there were cases when system administrators deliberately abused their privileges.

Here is a case one of our clients shared. Their system administrator resigned after being refused a promotion, but before leaving he decided to take revenge and planted a file bomb, a program with a delayed start, in the corporate infrastructure. It activated two weeks after the specialist's dismissal and erased the configuration of the network equipment. As a result, work came to a standstill: staff could not send or receive email or browse the Internet, and calls for sales managers were forwarded to the director. Restoring the systems took a month, and it would have taken even longer had there been no files to restore from.

One caveat of working with IT specialists: their main task is to keep services available, and that principle often runs counter to security measures. So the two departments should engage in dialogue; it is in the interests of the business.

How can the risks of working with IT be minimised? Evaluate not only professional competence: take reliability into account and keep an eye on loyalty, both when hiring and during ongoing work. This matters fundamentally because a good IT specialist, if he wants to, will always find a way to circumvent technical controls. This means the risks have to be neutralised by other methods. Special security tools are, of course, necessary, but in parallel you have to build relationships and manage the human factor.

Back office: their email addresses are the entry point for scams

They take third place. These are the staff who handle requests for account statements and other operations, as well as those who support the various banking services and maintain correspondence with clients, contractors and other parties. Their email addresses can become the entry point for fraud from outside.

For example, a letter from the tax office arrives in the accounting department; the accountant, worried, opens it and reads it attentively. The sender is a fraudster who created a mailbox resembling the tax office's real address and attached malware. The spyware installs itself on the accountant's computer and collects non-public information. This is one of the possible scenarios.


Phishing, spoofing and social engineering are the most popular external attacks that financial institutions have to fight today. For the attacker this is the easiest and cheapest route, so banks will have to keep resisting such attacks. This requires work in three directions. First, raise the security literacy of staff to reduce the number of incidents caused by negligence or ignorance of basic information security rules. Next, take engineering measures: implement DLP (a system against information leaks and insider actions) and SIEM (a system for monitoring events in the IT infrastructure). With these tools an organisation can monitor violations of security policy in real time and prevent them.

And finally, security needs to log all staff actions so that any violation can be investigated and everyone involved, and the circumstances, can be established.

Tellers: they want to earn more, but the salary is small

Fourth place in our ranking. Not the cashiers, but those who serve clients in the bank's operations hall on deposits, leasing, lending and so on. These are staff with a sufficient level of access to confidential information and relatively low wages. This point matters because many are not averse to earning on the side, and offers exist: for example, bank cards and databases are in great demand on the black market. People in good positions, by contrast, are far less willing to risk their job for a one-time gain of 50-60 thousand rubles.

By the way, video surveillance in the operations hall is not a panacea. The camera records the violation, but examining six hours of video in detail takes about 12 hours of a specialist's work, and that only happens if suspicion has already been raised in some other way, for example by complaints or inconsistencies in the paperwork.

And finally, let's be realistic: a huge stream of customers passes through the operations halls, so breaking the rules out of simple fatigue is also common practice. I recently went to a bank and had to spend half an hour answering identification questions. The next time, the operator checked the passport so briefly that almost anyone could have presented it. Or here is another case: an employee exported from the database the transaction histories of ten entrepreneurs, pasted them into the body of an email and sent it, and the businessmen got to appraise one another. The specialist was a good one, yet banking secrecy was violated.

To minimise such risks, security policies should be developed for the main types of sensitive data that tellers work with: primarily the customer base, financial details and information about transactions.

With a data leak prevention system you can track all operations on this information. The program can "remember" documents and compare them against the entire flow of information in the bank, or recognise scanned copies of passports and cards. The search capabilities are extensive, and the more precisely the program's rules are configured, the more effectively it will alert you to suspicious employee actions.
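The document "remembering" described above, shown as an added example that is not the article's or SearchInform's code: a minimal fingerprinting check that registers sensitive documents as sets of word shingles and flags an outgoing email that reproduces a large enough fraction of one, the way a statement pasted into an email would be caught. All names, account numbers, statements and emails are constructed; the shingle size and threshold are assumptions.

```python
# Added example, not from the article: document fingerprinting of the kind a DLP
# system uses to "remember" documents and compare them with outgoing mail.
import re

SHINGLE_SIZE = 4        # words per shingle; longer shingles mean fewer false matches
ALERT_THRESHOLD = 0.3   # alert when this fraction of a registered document reappears

def shingles(text: str, k: int = SHINGLE_SIZE) -> set[str]:
    """Normalise text (lowercase, alphanumerics only) and return its k-word shingles."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    return {" ".join(words[i:i + k]) for i in range(len(words) - k + 1)}

class DocumentRegistry:
    """Registered ("remembered") sensitive documents, kept only as shingle fingerprints."""
    def __init__(self) -> None:
        self._docs: dict[str, set[str]] = {}

    def register(self, name: str, text: str) -> None:
        self._docs[name] = shingles(text)

    def overlap(self, message: str) -> dict[str, float]:
        """Fraction of each registered document's shingles that appear in the message."""
        msg = shingles(message)
        return {n: len(d & msg) / len(d) for n, d in self._docs.items() if d}

    def alerts(self, message: str) -> list[str]:
        """Names of registered documents reproduced at or above the alert threshold."""
        return sorted(n for n, f in self.overlap(message).items() if f >= ALERT_THRESHOLD)

# Constructed sample data: two account statements as the DLP would register them.
STATEMENT_A = """Account statement for IP Ivanov, account 40802810900000001234.
01.07.2018 incoming 150000.00 payment for services contract 17
03.07.2018 outgoing 42000.00 rent for office premises
10.07.2018 outgoing 18500.00 salary payments July"""
STATEMENT_B = """Account statement for OOO Romashka, account 40702810500000005678.
02.07.2018 incoming 99000.00 advance under contract 5
08.07.2018 outgoing 12000.00 telecom services"""

def build_registry() -> DocumentRegistry:
    reg = DocumentRegistry()
    reg.register("statement_ivanov", STATEMENT_A)
    reg.register("statement_romashka", STATEMENT_B)
    return reg

# Constructed emails: a teller pastes one statement; a harmless notice for comparison.
LEAK_EMAIL = "Hi, as requested:\n" + STATEMENT_A + "\nRegards"
CLEAN_EMAIL = "Colleagues, the July training on identification rules is on Friday at 10."

if __name__ == "__main__":
    reg = build_registry()
    print(reg.alerts(LEAK_EMAIL))   # ['statement_ivanov']
    print(reg.alerts(CLEAN_EMAIL))  # []
```

Real products add normalisation for scans, partial matches and per-recipient rules; the point here is that only fingerprints, not the documents themselves, need to be stored at the checkpoint.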

Ivan BIRULA, Security Director at SearchInform, for Banki.ru