Professional Documents
Culture Documents
DISSERTATION ON
“Role of IT, Data Security and Privacy Issues
In Banks”
DISSERTATION PROJECT REPORT
(Equivalent to MBA)
ACADEMIC SESSION
2009 – 2011
BY: -
Gangadhar G
BM_09073
ACKNOWLEDGEMENT
It is arduous to pen down the extent of my feelings, yet through this
acknowledgement, I wish to convey my deepest regards and gratitude towards those
who helped me to carry out and present this work.
I take this opportunity to thank all the customers and employees of different banks
who spared their precious time to provide me with valuable inputs for project without
which it would have not been possible.
CERTIFICATE
This work has not been submitted anywhere else for any other degree/diploma. The
assistance help received during the course of investigation and source of literature
have been duly acknowledge. During his tenure at the project, he was found to be
sincere and meticulous in there work. I appreciate his enthusiasm & dedication
towards the work assigned to him.
I am hopeful that he will prove to be a good professional and wish him grand success
for the future.
CANDIDATE’S DECLARATION
I hereby declare that the work that is being presented in the summer project entitled
“Role of IT, Data Security and Privacy Issues In Banks” under the guidance of
Prof. Sachin Malhotra chairperson PGDM_IT, IMS Ghaziabad, is genuine work by
me done originally by me and has not been published or submitted elsewhere for the
requirement of a degree programme. Any literature, data or works done by others and
cited within this report has been given due acknowledgement and listed in the
reference section.
Gangadhar G _________________________
(Student's name and signature)
TABLE OF CONTENTS
SNO CONTENTS PAGE
NO
1 INTRODUCTION 7-9
2 OBJECTIVES OF STUDY 10
3 ROLE OF TECHNOLOGY IN BANKING 11-13
4 ADVANTAGES AND DISADVANTAGES OF 13-16
TECHNOLOGY WRT BANKING
5 SECURITY ISSUES IN BANKING SYSTEMS 16-25
A) INTRODUCTION
B) POTENTIAL BANKING SYSTEM INTRUTIONS
C) INTRUTIONS PREVENTION
6 TECHNOLOGY INITIATIVES TAKEN BY HDFC & SBI 25-27
BANKS
7 RESEARCH METHODOLOGY 27
8 DATA COLLECTION AND REPRESENTATION 28
9 TEST STATISTICS 29-34
10 ANALYSIS AND FINDINGS 35
11 PROBABLE SOLUTIONS/ RECOMMENDATIONS 36
12 CONCLUSION, LIMITATIONS AND REFERENCES 37-39
13 QUESTIONNAIRE 40-41
LIST OF CHARTS: -
INTRODUCTION:
With the advent of dynamic technological transformation in each and every
field of operation, the resultant fruits of technology have been reaped by all segments
of the economy and the banking sector is no exception to this. in fact the banking
sector has been one of the major beneficiaries although in some cases it was also an
adventurous one. While banks in India, particularly the new generation private sector
banks, has been at the forefront of seizing the advanced technological tools at an
aggressive rate of knots to improve the quality of deliverables to their clientele-base,
to keep pace with some of the international banks, the old private sector banks and the
state owned banks had to follow suit to retain their market share lest they would befall
as non-competitors and lose their preeminence in resources mobilization and credit
delivery.
Technology has opened up new markets, new products, new services and
efficient delivery channels for the banking industry. Online electronics banking,
mobile banking and Internet banking are just a few examples. Information
Technology has also provided banking industry with the wherewithal to deal with the
challenges the new economy poses. Information technology has been the cornerstone
of recent financial sector reforms aimed at increasing the speed and reliability of
financial operations and of initiatives to strengthen the banking sector. The IT
revolution has set the stage for unprecedented increase in financial activity across the
globe.
The Software Packages for Banking Applications in India had their beginnings in the
middle of 80s, when the Banks started computerizing the branches in a limited
manner. The early 90s saw the plummeting hardware prices and advent of cheap and
inexpensive but high-powered PC’s and Services and banks went in for what was
called Total Branch Automation (TBA) packages. The middle and late 90s witnessed
the tornado of financial reforms, deregulation globalization etc.
The customers can view the accounts; get account statements, transfer funds and
purchase drafts by just punching on few keys. The smart card’s i.e., cards with
microprocessor chip have added new dimension to the scenario. An introduction of
‘Cyber Cash’ the exchange of cash takes place entirely through ‘Cyber-books’.
Collection of Electricity bills and telephone bills has become easy.
1.To assess the Role of Information Technology in the Public Sector Banks, Private
Sector Banks and Foreign Banks
2.To Assess the Perception of the Bank Employees towards the Implementation of
Information Technology in the Banks
3.To find and analyze the basic issues and causes of data insecurity and privacy in
banks.
4.To find out and analyze the Technology readiness aspects followed in state bank of
India and HDFC with respect to security and technological advancements.
5.To find the probable solutions to improve the data security and privacy in banks.
3.ROLE OF TECHNOLOGY IN BANKING
Information Technology has basically been used under two different avenues
in Banking. One is Communication and Connectivity and other is Business Process
Reengineering. Information technology enables sophisticated product development,
better market infrastructure, implementation of reliable techniques for control of risks
and helps the financial intermediaries to reach geographically distant and diversified
markets.
In view of this, technology has changed the contours of three major
functions performed by banks, i.e., access to liquidity, transformation of assets and
monitoring of risks. Further, Information technology and the communication
networking systems have a crucial bearing on the efficiency of money, capital and
foreign exchange markets. Internet has significantly influenced delivery channels of
the banks. Internet has emerged as an important medium for delivery of banking
products & services. Detailed guidelines of RBI for Internet Banking has prepared the
necessary ground for growth of Internet Banking in India.
The Information Technology Act, 2000 has given legal recognition to creation, trans-
mission and retention of an electronic (or magnetic) data to be treated as valid proof
in a court of law, except in those areas, which continue to be governed by the
provisions of the Negotiable Instruments Act, 1881.
As stated in RBI's Annual Monetary and Credit Policy 2002-2003: "To reap the full
benefits of such electronic message transfers, it is necessary that banks bestow
sufficient attention on the computerization and networking of the branches situated at
commercially important centre’s on a time-bound basis. Intra-city and intra-bank
networking would facilitate in addressing the "last mile" problem which would in turn
result in quick and efficient funds transfers across the country".
1). Technology has opened up new markets, new products, new services and efficient
delivery channels for the banking industry. Online electronics banking, mobile
banking and Internet banking are just a few examples.
2). Information Technology has also provided banking industry with the wherewithal
to deal with the challenges the new economy poses. Information technology has been
the cornerstone of recent financial sector reforms aimed at increasing the speed and
reliability of financial operations and of initiatives to strengthen the banking sector.
3). The IT revolution has set the stage for unprecedented increase in financial activity
across the globe. The progress of technology and the development of worldwide
networks have significantly reduced the cost of global funds transfer.
4). It is information technology which enables banks in meeting such high
expectations of the customers who are more demanding and are also more techno-
savvy compared to their counterparts of the yester years. They demand instant,
anytime and anywhere banking facilities.
5). IT has been providing solutions to banks to take care of their accounting and back
office requirements. This has, however, now given way to large scale usage in
services aimed at the customer of the banks. IT also facilitates the introduction of new
delivery channels - in the form of Automated Teller Machines, Net Banking, Mobile
Banking and the like. Further, IT deployment has assumed such high levels that it is
no longer possible for banks to manage their IT implementations on a stand alone
basis with IT revolution, banks are increasingly interconnecting their computer
systems not only across branches in a city but also to other geographic locations with
high-speed network infrastructure, and setting up local area and wide area networks
and connecting them to the Internet. As a result, information systems and networks
are now exposed to a growing number
4. ADVANTAGES OF TECHNOLOGY
1. From both customer and banking perspectives it shows that the Internet is a
convenience tool available whenever and wherever customers need it. It is also found
that the Internet has improved the factors in service quality like responsiveness,
communication and access. It is concluded that the Internet has an important and
positive effect on customer perceived banking services and the service quality has
been improved since the Internet has been used in banking sector.
2. It's generally secure. But make sure that the website you're using has a valid
security certificate. This lets you know that the site is protected from cyber-thieves
looking to steal your personal and financial information.
3. It gives twenty-four-hour access. When the neighborhood bank closes, you can still
access your account and make transactions online. It's a very convenient alternative
for those that can't get to the bank during normal hours because of their work
schedule, health or any other reason.
4. It allows us to access our account from virtually anywhere. If we're on a business
trip or vacationing away from home, we can still keep a watchful on our money and
financial transactions – regardless of our location.
5. Conducting business online is generally faster than going to the bank. Long teller
lines can be time-consuming, especially on a Pay Day. But online, there are no lines
to contend with. You can access your account instantly and at your leisure.
6. Many features and services are typically available online. For example, with just a
few clicks you can apply for loans, check the progress of your investments, review
interest rates and gather other important information that may be spread out over
several different brochures in the local bank.
7. Technology has opened up new markets, new products, new services and efficient
delivery channels for the banking industry. Online electronics banking, mobile
banking and internet banking are just a few examples.
8. Information Technology has also provided banking industry with the wherewithal
to deal with the challenges the new economy poses. Information technology has been
the cornerstone of recent financial sector reforms aimed at increasing the speed and
reliability of financial operations and of initiatives to strengthen the banking sector.
9. The IT revolution has set the stage for unprecedented increase in financial activity
across the globe. The progress of technology and the development of worldwide
networks have significantly reduced the cost and time of global funds transfer.
10.It is information technology which enables banks in meeting such high
expectations of the customers who are more demanding and are also more techno-
savvy compared to their counterparts of the yester years. They demand instant,
anytime and anywhere banking facilities.
11.IT has been providing solutions to banks to take care of their accounting and back
office requirements. This has, however, now given way to large scale usage in
services aimed at the customer of the banks.
12. IT also facilitates the introduction of new delivery channels--in the form of
Automated Teller Machines, Net Banking, Mobile Banking and the like.
13.Use of de-mat account and online trading enables a person to buy and sell shares
any time. The share trading companies and AMC’s can give improved and faster
service with help of technology.
14.There are many useful features and services available online besides for the usual
transactions. For example, you can apply for credit cards, manage investments, and
pay bills through your online account portal. You can also perform more mundane
tasks such as ordering new checks, requesting additional deposit slips, or reporting a
lost or stolen debit card. Certainly the above-mentioned advantages if technology
have improved the quality of service in a banking and financial sector.
DISADVANTAGES OF TECHNOLOGY
1. Yes, online banking is generally secure, but it certainly isn't always secure. Identity
theft is running rampant, and banks are by no means immune. And once your
information is compromised, it can take months or even years to correct the damage,
not to mention possibly costing you thousands of dollars, as well. This generally does
not happen in case of traditional method of banking.
2. Some online banks are more stable than others. Not all online setups are an
extension of a brick-and-mortar bank. Some operate completely in cyberspace,
without the benefit of a branch that you can actually visit if need be. With no way to
physically check out the operation, you must be sure to thoroughly do your homework
about the bank's background before giving them any of your money.
3. Before using a banking site that you aren't familiar with, check to make sure that
their deposits are FDIC-insured. If not, you could possibly lose all of your deposits if
the bank goes under, or its major shareholders decide to take an extended vacation in
Switzerland.
4. Customer service can be below the quality that you're used to. Some people simply
take comfort in being able to talk to another human being face-to-face if they
experience a problem. Although most major banks employ a dedicated customer
service department specifically for online users, going through the dreaded telephone
menu can still be quite irritating to many. Again, some are
considerably better (or worse) than others.
5. Not all online transactions are immediate. Online banking is subject to the same
business-day parameters as traditional banking. Therefore, printing out and keeping
receipts is still very important, even when banking online.
6. If your bank operates only online or simply does not have a branch office in your
local area, you will not be able to reach a representative in person for discussion of
account issues. Normally this is not a problem, but sometimes customer service by
telephone or email can be spotty and may prove to be more of a hassle if you have a
serious issue that is not easily resolved. Some banks are better than others in this
department, so you will need to do some research if this is an important consideration
for you.
7. Using online banking effectively requires some basic computer literacy and
familiarity with navigating the Internet. While this is not a problem for people like
me, those who are afflicted with technophobia or are simply inexperienced with this
particular genre may not be comfortable with this concept. There are also a significant
number of people who are suspicious of anything having to do with the Internet
because it is outside of their comfort zone. Others are simply too stubborn
to acquire the relevant knowledge and skills.
Bank is one of the example of institute that using Information Technology (IT) in its
daily task to fulfill the organization’s and customers’ need. Business transaction,
money transfer, ATM, credit card, and loan are some tasks that were done every day.
Customers’ personal information stored by the bank is also considered as private and
should not be disclose to anybody with no authorization. Only legal staff and legal
bank’s customer can operate any of the tasks. Thus, bank has its own system to ensure
their transaction works the way it is and prevent any activity that could cause lost to
the organization and its clients or customers. Whether like it or not, some
irresponsible people are always exist to challenge the robustness of a banking system.
Even an amateur that claimed themselves as hackers could transfer a sum of money
from other account to his or her account without noticed. Bank account hacking has
caused millions dollar losses around the globe. How this could happen? Was there
any obvious weaknesses in the banking system that make it easily expose to treat?
This project would discuss about the intrusion of banking system. It is important to
realize how the security aspects in a banking system can influence such illegal
activities which are then lead to a great lost to the financial institution. Some
recommendations would be included in this article to help to reduce or prevent the
intrusion in the future.
INTRODUCTION
Technology nowadays gives an opportunity to satisfy the need of faster and efficient
banking transaction. Information system that is used in a bank is not only between
business to business (B2B) but also between business to customer (B2C).
There exists large gaps in the data privacy and data protection management which
arise due to:
• Threat from insiders.
• Outsourcing of sensitive data to third parties.
• Not protecting customer data from all possible angels.
• Negligent and belligerent users.
Intrusion is an action of accessing one place or system without the permission of the
owner. If a system has been intruded, it means that it has compromise with the
security aspects that is applied in the system. Intrusion might be done by anyone with
security knowledge and could happen for any purpose – to gain and alter confidential
data or to steal sum of money from the financial institution. Fault and failure caused
by this intrusion not only decrease the system performance but also client and
customer’s trust towards this financial institution due to the risk of losing their money
and assets in the bank. In U.S, the government requires banks to report all losses.
According to Michael Higgins, a financial computer security consultant of Para-
Protect in Alexandria, Virginia, banks usually want to avoid bad publicity by
reporting losses as accounting efficiency errors
Before an attack is occur, attacker build an attack network by scanning for open port,
poorly secure computer with no firewall or anti-virus software. A new program is
installed in the ‘zombie’ computer. The program can self-propagates and
automatically create a large attack network. It might possibly contain both the code
for sourcing a variety of attacks and some basic communications infrastructure that
allow remote control. These ‘zombie’ would send large number of packets to the
system at the same time and force the real requested packets to drop due to time out.
This type of intrusion can affect the availability and continuity of the banking system.
The financial institution would fail to conduct transaction with its customer, business
partner and vendors.
Another risk posed by the distributed denial of service attack is it can result a great
number of loss of time, customers, money, and also compliance violations. Common
risk that any financial institution or banking system would encounter is their
operational, reputation and their regulatory. The operational risk may arise from
fraud, error, or unavailability of products or services. Reputation risk is all about
operational disruption cause by denial of service, which includes errors, delays,
unavailability of information and the unauthorized access towards the system
information or the banking systems. The regulatory risk covered about the lawsuit and
enforcement actions towards the banks.
B. Data Breach
Financial institutions have to aware about threats that would affect the system security
in their organization. A data breach, one of the threat exists allows the information
and data to go out from the system, making it viewable to others. A data breach is a
very well known phenomenon where it involves highly sensitive and confidential data
that might have been viewed, stolen, and also have been used by any person or any
organization without being authorized to do so. For example in security data breach, a
case where involves five Connecticut banks are resulting from security data
Breach, affected from New Jersey Company that processes credit card payments,
according to the newspaper and Internet reports.
The effect of the data breach takes a great number of losses for the financial
institution, where their credit card companies such as Visa and MasterCard contacted
them about the breach, according to the internet site BankinfoSecurity.com Data
breach happens when there are loopholes in the banking system, enables those
unauthorized individual to get access to the system itself. It is due to the lack of
security assessment, and also resulting from poor security system. Many banks have
suffered loss when there exists data breach; losing information, losing capital, and in
above example, losing card credit information and thus might influence the
customer’s trust towards the bank’s service. Further analysis would result to several
issues relating to the data breach, is a poor authorization management and lack of
authentication mechanism, which will take to the confidentiality and integrity issue of
the system.
Loss of authentication or stolen identification, result from identity theft is the ticket
for the criminal or unauthorized individual to simply get the authentication needed
their own benefits. From the case example provided, the lost of credit card
information for the financial institution is mostly due to the lack of authentication and
poor authorization itself, that can lead to the data breaches. Without proper
authentication and authorization, an individual can act by entering the system
illegally, and thus taking any information they want. That is why the authentication
and authorization being the utmost importance to protect any information system,
especially when running a financial institutions.
Confidentiality and the integrity of the data in the system would likely been violated
whenever there are security data breaches, done by unauthorized person. The data
might loss its confidentiality when these unauthorized person view, alter or steal the
personal information of the customer or the information security of the organization
uses. The integrity of the system can also be affected, when these irresponsible people
alter and changing the data information in the system, for example exchange a sum of
money to their own account.
Malware
Malware is software program that design to alter and modify the computer’s system
without the authority of the user or owner, and this malware move from computer to
computer and network to network. Malware can be including viruses, Trojan horses,
worms; scripts attack and also rogue Internet code. The malware attack can influence
the confidentiality, integrity and availability of the banking system. In confidentiality,
malware attacks are all including capturing keystroke, passwords and credit card
numbers, uploading and downloading files, and also observing what is going on the
server’s screen.
An attack against integrity however is also harming the banking system, where it
modifies system, such as the infected file and also data. Corruption of data files and
also application files by unauthorized file writers, changing configurations of the
banking system and also overwriting data are all influence the integrity of the banking
system. Availability of the banking system can also be effected, where it includes the
deletion of files and subdirectories, renaming of files, reboot or disabling the security
systems and also denial of service attacks.
The damage resulting from malware attacks could be severe. An example for a
malware attack is ATM breaches in Russia and Ukraine. Trust wave, a Chicago-based
provider of information security and card industry have uncovered malware while
investigate ATMs in Russia and Ukraine, for over few month. During the attack,
about 20 ATMs were infected by the malware, allowing the attackers to steal data,
PINs and also money. In the case, they were certain that the attackers was an inside
work, because the attackers needs the physical access to the ATM in order to install
the malware, and execute it. Ti would also seem that the attackers could be someone
who gets a copy of the key to the ATM, opens the machine and loads the malware
into the system.
Another example is The World Bank Group's computer network as one of the largest
repositories of sensitive data about the economies of every nation has been raided
repeatedly by outsiders for more than a year. In this case, it is still not known how
much information was stolen. Sources inside the bank confirm that servers in the
institution's highly restricted treasury unit were deeply compromised with spy
software. The attackers also had full access to the rest of the bank's network for nearly
a month in June and July 2009. In total, at least six major intrusions occur, two of
them using the same group of IP addresses originating from China that have been
detected at the World Bank since 2007, with the most recent breach occurring just a
month before.
These two examples show the attacks done by malwares to the banking systems. In
the attacks, the information in the banking systems was compromise, the information
are either stolen or altered, and the security system in the banking system is violated.
The result by the attacks may lead to a loss worth millions, and also it also influence
customer’s trust and customer’s loyalty to the financial industry. Malware such as
spyware are the most commonly used by attackers in order to maliciously steal the
system’s information, and violate the system’s confidentiality and the system’s
integrity. The attackers as in the example are usually the worker or the insider of the
organization, installed the software program in order to gain illegal information and to
steal, modify, and also delete the information contained in the systems.
D. TCP/IP Spoofing
Technology helped HDFC bank in better serving their customers and at the same time
it gives competitive edge with respect to their competitors in the following ways:
• Auto loan
With the help of technology they are able to sanction the loan with in a short
span of three hours.
• E-mail account statement
In this case bank sends monthly e-mail statements to savings account- holders.
In case of current account holders’ daily\weekly\monthly statements are sent free of
cost.
• Round the clock mobile refilling service
The customers can now recharge his/her mobile phone
a) Through HDFC bank website.
b) At any HDFC bank ATM centre, or SMS.
• Easy shop business debit card
• Cash back
For every purchase of Rs 200 spent on customer business debit card at merchant
outlets, a customer will receive cash back of Re.1
• Petrol surcharge waiver
• Higher card limits
• Insurance cover-loss of baggage, fire, burglary
• Special alliances by master card
• Accepted worldwide
• E-age banking
a) Free PAP Cheque book
b) International debit card
c) Three free cash transaction on SBI/Andhra bank ATMs a month
d) Free net banking
e) Free phone banking and Free mobile banking
g) Free instaAlert
h) Bill pay
i) Inter-city\ inter-branch banking
j) Average quarterly balance requirements
Online investment in mutual funds
Technology in the banking sector has been an international phenomenon foe over two
decades. Technology implementation poses innumerable issues and options,
especially banks. The HDFC bank is using the latest technology to attract the
customers and also to face the tough competition.
Some of the technological initiatives taken by state bank of India in order to face
tough competition and to attract the customers on a large scale are
• Core banking solutions
• Networking of branches
• Automated teller machines (ATM)
• Mobile banking
• Internet services
• Advancements on technological fronts
• IT policy and IS security policy documentation
• Disaster recovery plan and back up
• Microfilming
• Other initiatives
The other initiatives taken by the bank are becoming a member of the society for
worldwide Interbank Financial Telecommunication (SWIFT) Enabling it to supply
secure messaging services, adopting electronic accounting system in Excise and
service Tax (EASIEST), adopting online tax accounting system (OLTAS) web
payment of central excise, payment of income tax and corporate tax etc..
The bank has made great strides in adopting technology on ward off competition
faced from the foreign banks and new private sector banks and because of this it has
led the bank from a mere government controlled bank in to a more responsible
organization to meet the challenges of a globalized economy. The threat of foreign
banks and new private sector banks are there to stay. IT allows the bank to meet the
stiff competition successfully and at the same time offers state-of-the-art banking
experience to the customers.
7. RESEARCH METHODOLOGY:
banks
Type of Data Used: -
Primary Data: -
The data from the Primary sources have been collected with the help Employees of
the Bank and customers through mails (gmail, yahoo), social networking sites like
face book, Orcut, linked In, Twitter etc…. with the help of friends.
Secondary Data: -
Secondary data is the type of data researcher collects from different informational
sources like as previously done work or research on similar topics It helps in
generating elaborative information about the topic or the research subjects .It also lead
to understand different perspectives about the given topics and varied findings
Sources of Secondary Data: -
1. Internet
2. Journals
3. Magazines
4. Articles
5. Newspapers
Area of Study: -
Across the country.
Sampling Unit: -
Convenient sampling Technique was used to select the Employees and Customers of
the Banks into the Sample Size. The sample size taken for the analysis is 100
including employees and customers.
TEST STATISTICS
TABLE: 1 showing the employees/customers perception related to performance of
work with the implementation of latest technology modules in their operation
Chart-2
CHART-3
Chi-Square Tests
Asymp. Sig. (2-
Value df sided)
Pearson Chi-Square 9.974a 4 .041
Likelihood Ratio 11.214 4 .024
Linear-by-Linear Association 4.559 1 .033
N of Valid Cases 99
Conclusion: -
From the above analysis it is inferred that null hypothesis is rejected, as
significant value is <0.05
Hence we can say that there is significant difference between the IT usage in
performance of work and in better serving the customers.
Symmetric Measures
Asymp. Std.
Value Errora Approx. Tb Approx. Sig.
Interval by Interval Pearson's R .008 .081 .080 .936c
Ordinal by Ordinal Spearman .080 .101 .789 .432c
Correlation
N of Valid Cases 99
a. Not assuming the null hypothesis.
b. Using the asymptotic standard error assuming the null hypothesis.
c. Based on normal approximation.
Conclusion: -
From the above analysis it is inferred that there is positive correlation exists
between the frequent update of technology and attracting the customers at a large
scale & in giving competitive edge to its competitors.
Chi-Square Tests
Asymp. Sig. (2-
Value df sided)
Pearson Chi-Square 34.575a 16 .005
Likelihood Ratio 35.918 16 .003
Linear-by-Linear Association .036 1 .850
N of Valid Cases 99
Conclusion: -
From the above analysis it is inferred that the null hypothesis is accepted as
the significant value is > 0.05. Hence we can say that there is no significant difference
between better serving and data security, privacy issues after implementation of
updated technology from time to time.
The software systems used by banks are being reviewed, modified and improved
from time to time by external agencies who are entrusted with such tasks and hence
the data going into hands of unscrupulous persons cannot be ruled out. Banks will
have to do masking and sub-setting of data before handing over the assignment for
development and testing. Sensitive and confidential personal information and
business data need to be protected from piracy, especially when reliable persons
transfer them across inter/intra offices.
User access rights are to be periodically verified and documented for surveillance.
Banks in the future may look to use ‘multiband’ authentication requiring use of
secondary device (such as smart phone) to confirm online banking transactions. One
of the most successful and widespread security strategies developed to combat data
theft is ‘one time password’ (OTP) technology. It adds on an extra layer of protection
that can help stem the tide of fraud.
Data loss prevention of business records and that of customers are the prime
focus of data security. The banks need to build customers’ Loyalty, trust and
confidence not only in terms of their product brands but also their data security
concerns. They may be authorized to view and correct their personal information and
have in place a redressal mechanism through mediation, arbitration etc.
Help line for customers to seek clarification and report abuse may be thought of. All
employees may be gently monitored at random, through surveillance methods
particularly new ones while they operate emails and inter-office correspondence.
It is also suggested that banks take up security mechanisms such as ‘whole disk
encryption’ to prevent customers and business data on laptop and portable devices
from being stolen or lost. It is therefore necessary for banks to secure their network
and enterprise systems and test their sensitivity from time to time.
While transacting records of information with outside business partners, extraordinary
care and caution need to be exercised while drafting legal documents fixing the onus
on them in case of any pilferage or leak or abuse of data by incorporating relevant
covenant for malfeasance or misfeasance.
10. CONCLUSION:
LIMITATIONS
• Limited time – Due to the less time available in the internship, could not able
to devote much tome to the research part thus able to get the response from
140 respondents only.
• Non co-operation of people during the survey – People were not willing to
fill the entire questionnaire due to the less time available to them.
REFERENCES
QUESTIONNAIRE
3.will you agree that IT plays a vital role in improving the efficiency and
effectiveness of work
4. DO you really think that tremendous growth in IT helps in time saving in making
different transactions
5. Do you feel that IT modules that are frequently changing in implementation are
easy to learn
7. Do you feel that technology helps in attracting the customers and giving
competitive edge to others
8.Is IT time to time updation helps in securing the data and privacy aspects
9.Do you think banks are providing better service now after the implementation of IT