Question

REGARDING RISK ASSESSMENT

When speaking to a bank colleague, he told me that employees only have access to company information during the time they are in the office. In other words, they are not allowed to log into the network when at home.

Why do you think the bank has this type of procedure in place? What if the bank’s VP needs to review important accounts while working from home? Should this person have different privileges to the customer accounts?

PLEASE MAKE COPY PASTE AVAILABLE

Answer 1

As we know that the information/data of a bank or any organisation should be safe and free from enclosures. To ensure this each and everyone(employees and members) are responsible. Regarding the given situation it is a good idea that employees only have access to the information during the office times. But as we all know that with growth of technology there is no limit to the customer access. There is situation that employees have to accesss and respond to the customer or any others not only in office times. So it will be difficult when there is no access.

In my opinion the banking details are very confidential so there are high chances of getting attacked. As the banking bussiness is mainly dependent on trust between organisation and customer, so oraganisations should have to be carefull in security reasons. This the reason why the access for employees is limited.

But, there are many chances and needs to access the details other than the office hours. As the problem in the situation stated that what if the bank VP need to access details in their home or any place other than the office? As we are in fast generation the organisations have to plan for work from any where that means service for anywhere and any time. To do this one has to have an access from any place. To ensure this the organistions have to undergo many risks like: i) Data leakeges, ii) Spamming and local thefts.

To reduce this one has to ensure strict security plans. For example VP have to get an acces from his/her home but ther must be some ristrictions not only for VP but also the employees who are used to access the information for the place other than the office like: They have to access the information only with the asserts provided by the orgainations, ensure that no one is seeing the information, ensure that the login details are very confidential and strong, It is better to have some face or finger print verifiactions to ensure that the correct person is accessing the details. The employess should be tustworthy. Ensure correct logging out after the completion of work. Organisation has to be sure that the data is stored in secure place. There should follow perfect risk analysis techniques to followup the risks occured and also stong risk management system to eradicate the risk oftenly.

Thank you.