X

Download Evolution of Security Standards in Indian Banking PowerPoint Presentation

SlidesFinder-Advertising-Design.jpg

Login   OR  Register
X


Iframe embed code :



Presentation url :

Home / Computers & Web / Computers & Web Presentations / Evolution of Security Standards in Indian Banking PowerPoint Presentation

Evolution of Security Standards in Indian Banking PowerPoint Presentation

Ppt Presentation Embed Code   Zoom Ppt Presentation

PowerPoint is the world's most popular presentation software which can let you create professional Evolution of Security Standards in Indian Banking powerpoint presentation easily and in no time. This helps you give your presentation on Evolution of Security Standards in Indian Banking in a conference, a school lecture, a business proposal, in a webinar and business and professional representations.

The uploader spent his/her valuable time to create this Evolution of Security Standards in Indian Banking powerpoint presentation slides, to share his/her useful content with the world. This ppt presentation uploaded by bharatb in Computers & Web ppt presentation category is available for free download,and can be used according to your industries like finance, marketing, education, health and many more.

About This Presentation

Evolution of Security Standards in Indian Banking Presentation Transcript

Slide 1 - V.Radha IDRBT Evolution of Security Standards in Indian Banking Industry
Slide 2 - The chronology of events (1999-2004) 2 IDRBT set up INFINET Hyperchat was the only application Its VSAT based Banks were using Novell based net applications IP was enabled on INFINET and internal banks’ LAN could be connected MMS Launched Novell was very late in bringing IP onto Netware. Today there are no/few Novell app in Banking Industry. IDRBT CA SFMS NEFT NFS
Slide 3 - First few threats and countermeasures 3 Very low knowledge levels of Networks (Even IP Addressing, Routing etc) Even Internet IP addresses that are generated from DNS requests from browsers used to hit INFINET and bring down the entire INFINET. Banks were guided to connect to INFINET through routers with NAT, proxies, Firewalls etc MMS was hacked IS Audit was mandated CISA certifications were encouraged Internet Banking required RBI permission Training Programs on INFINET, Network Security, MMS etc were launched
Slide 4 - Recent Initiatives 4 VAPT from Cert empanelled IS auditors IS Governance and IT Governance from IDRBT Gopala Krishna Committee Guidelines on Security, Cybercrime etc. PCI-DSS Mobile Banking Security Guidelines
Slide 5 - Security 5 Security Problems Man made Created by faulty design and implementation issues Phishing Spoofing etc Majority of attacks listed in OWASP Crossing lines of “not supposed to” Unauthorized Access Tampering Data Natural Identity Management AAA Secret Sharing etc
Slide 6 - Solutions 6 Strengthen the weak protocols, software, OS, implementation etc Prevent security threats to manifest as much as possible Monitor the events of crossing lines of “not supposed to”
Slide 7 - New thoughts 7 Looked at phishing and solutions of anti-phishing Very less can be done from banks’ end on this Solutions like SPF has to be implemented by all across, not just by banks. Domain Specific Passwords is a very good solution, but has to be part of browsers Majority of the phishing techniques like domain name look alike, URL redirection etc are taken care by browsers Banks are asked to deploy adoptive authentication, over and above 2 factor authentication (monitoring solution)
Slide 8 - Source Code Review 8 As we see many vulnerabilities are due to bad coding, we felt the need for mandating source code review on application vendors. Also, we observed that the product vendors like OS, Database have framed their in house frameworks for ensuring safe and secure software.
Slide 9 - Formal Methods 9 New Payment Protocols Design Level Verification is must before deploying the protocol New Privacy Issues in Mobile Telephony: Fix and Verification by Ravishankar Borgaonkar et al
Slide 10 - Data Privacy Friday, July 06, 2018 Institue for Development and Research in Banking Technology 10 Some cases of corporate espionage Some banks setting up Data Governance Groups Groups include HNI, Corporate Customers, solution vendors along with banks CISO
Slide 11 - Business Process Re-engineering Friday, July 06, 2018 Institue for Development and Research in Banking Technology 11 Dematerialized Deposits Online Deposit verification Straight through Processing - Automated Data Flow Online Lending Platforms
Slide 12 - Education Friday, July 06, 2018 Institue for Development and Research in Banking Technology 12 Most of the security problems thrown in the courts of solution vendors (n/w, app etc) Banks can resolve them only if they are knowledgeable Network Security, IS Audit, IS & IT Governance, Secure Coding practices, Fraud Detection and Monitoring etc help them equip with latest know how.
Slide 13 - Human Resources Friday, July 06, 2018 Institue for Development and Research in Banking Technology 13 Banks are increasing the specialist technical officers in Scale I and Scale II through campus recruitment as well IDRBT Mtech IT with UOH, 100% placement We envisage that future generation of bank employees would come up with new innovations, appreciate the govt and regulatory policies in taking benefits from technology, with no or less resistance
Slide 14 - Friday, July 06, 2018 Institue for Development and Research in Banking Technology 14 Thank You