Security of Information Systems in Organization: A Bank Model

Abstract

Security of Information Systems concentrates on the collective efforts of all institutions to produce markedly secured Information systems to help deal with the threats or problems of Identity management within and outside the banking institution. Identity Management (IDM)” refers to the analysis of procedures of utilizing technologies, models/methods, standards/mechanisms in order to manage essential information in the institution’s network about the identity of all users, and control access to Bank resources. In this project, apart from the design implementation and analysis, emphasis was also placed on the Identity Management(IDM), which guarantees the Identity and Integrity of every registered users in the Network in order to apply appropriate access policy, deliver visibility into Network activity, and secure the local, centralized, distributed, and web/globalizes management of remote devices, while providing Authentication, Authorization, and Accounting functionality across the institution’s Network devices. The Security of information systems and the need to have an effective management system in any organization cannot be overemphasized, because any attempt to undermine this laudable objective in any organization could obviously lead to an array of conflicts/crises within the organization. Essentially, this project is focussed on a design of a security requirements, analysis, and policy formulation in organization with a bias in the banking industry. Availability of such model can help management to formulate policy in terms of the security of operations in the system. In particular, the policy spells out the various authentication and authorization actions to be carried out by clients and personnel in the bank. However, there are strings of threats such as identity theft, “phishing mail”, false accounts, fraudulent loans, wire fraud, credit card fraud, etc associated to the system. In other to have effective system in place, the system must be such that is capable of detecting these threats before they are carried out. DOI: 10.5901/mjss.2013.v4n7p101