100 likes | 431 Vues
Banks Banking on Network Security. By Kelly Crancer p. 328. Security. 670,000 account numbers and balances were seized by New Jersey mastermind. Bank of America, Commerce Bancorp, PNC Financial Services Group, and Wachovia were the victims
E N D
Banks Banking on Network Security By Kelly Crancer p. 328
Security • 670,000 account numbers and balances were seized by New Jersey mastermind. • Bank of America, Commerce Bancorp, PNC Financial Services Group, and Wachovia were the victims • In the past, banks found the cost too high to invest in the security technology. • Now, the market value of personal information becomes important, causing banks to invest in the technologies.
Bank of america • Worm reroutes the bank’s URL to thief's browser • SiteKey-two factor authentication • Image • Phrase • Then, enter password • Unusual computer-answer a personal question
Wells fargo & company • “Out-of-Wallet” questions-not found on driver’s license • Key fobs-change password every 60 seconds • Two-factor authentication pilot-small businesses making electronic transfers will need the key fob
E-trade financial corporation • Customers with more than $50K-free Digital Security ID for network authentication • Displays new 6-digit codes every 60 seconds to log on with
Barclays bank • Online-transfer delays to detect suspicious activity • Due to phishing incidents-large transfers from victims’ accounts to “mules” accounts • Created based on e-mail solicitations • Monitoring actions • Notifies customers when logging in at different city than normal or numerous transfers
questions • What reason would a bank have for not wanting to adopt an online-transfer delay policy? • Customers can’t access their funds immediately. • Why is network security critical to financial institutions? • All the bank’s money is accessible via the computer and could be stolen with little record of where it went.
questions • Explain the differences between the types of network security offered by the banks in the case. Which bank would you open an account with and why? • Bank of America has the best form to fit my needs with the two-factor authentication. • I don’t see the need for key fobs with different passwords so frequently with Wells Fargo. • E-Trade would be better for their customers with large sums of money using the device with a new code ever 60 seconds. • Barclays’ delays would not be as important to me, with smaller sums of money because I need immediate access at certain times.
questions • What additional types of network security, not mentioned in the case above, would you recommend a bank implement? • I think a device with fingerprint hardware would be very valuable to online bank users. • Identify three policies a bank should implement to help it improve network information security. • Be willing to change with technology. • Make users change their passwords frequently. • Have monitory verification managers to watch suspicious activity.
Current information • Vishing-(high-tech scheme, low-tech tool) using the telephone to ask for account information • Makes the caller ID look legitimate • “phishing”-V stands for voice • If you get a call requesting this information, hang up and call your bank • If it was a real bank request, they will let you give it when you call back • Otherwise, report the caller • VishingScams-Dialing For Your Dollars • By Justin Pritchard, About.com • http://banking.about.com/od/securityandsafety/a/vishingscam.htm