Banking System Have Applications

The document discusses network security measures employed by banks. At the network level, banks use firewalls, intrusion detection systems, and filters. At the banking level, vendors are responsible for security. Applications are protected using security packs. Encryption is used to store card data and transmit messages securely. However, breaches can still occur through vulnerabilities like insecure coding, unused ports, or lack of user awareness. Banks implement solutions like testing application security, using port security and authentication on switches, and monitoring tools to enhance security. Regular security updates, access controls, encryption, and user education are also important aspects of banks' network security.

Uploaded by

Rahul Surapaneni

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

61 views

Banking System Have Applications

Uploaded by

Rahul Surapaneni

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 6

Banks Review On Network Security

Blog: Banks Review on Network Security

Sathwik Reddy Bheem Reddy
Wilmington University

Banks Review On Network Security

Additional Types of Network Security

Introduction
Banking system has applications, technology, vendors and regulations to secure banking
applications against network attacks or breaches. Daily offline transactions can be safeguarded
by utilizing security guards and strict monitoring using CCTV etc. But these days it is software
application like internet or mobile banking that are vulnerable to network attacks. There are
many individual or group hackers who keep on trying to breach the security to gain access to
confidential data and applications. Thus banks employ many strict security policies to secure
their networks.
Current security scenarios employed by banks are usually at three levels:
o At the first level the network level, banks make use of firewalls, intrusion detection
system and filters to ensure data and network security.
o At the next level the banking level, it is the responsibility with respective vendors to
ensure security.
o At application level database servers, web servers, log servers, middle ware are protected
using special security packs.
Banks also ensure that card based security is also maintained during its storage or in
transactions. Data related to card are stored in database centre which are safe guarded and
monitored regularly. Usually data is stored in encrypted form to avoid easily understandability.
Many network devices like firewalls, router with access list, layer 3 switches; layer 2 witches
with access list are configured in a typical banking network. These devices are configured in a
manner to avoid unauthorized access to any device on the network using access list or firewalls.
Moreover each device is also password enabled o that it cant be easily accessible and modified.
Over the internet banks utilize transport level security and secure socket layer to provide end
to end encryption. Tunneling is also employed for secure message transmission over virtual
private network.
Despite such tight security features one come across news of security breaches or fraud either
through bank cards or software applications.
2

Banks Review On Network Security

Loop holes:
o Tunneling can be used by hackers to bypass firewalls and make a security breach at
application level.
o Insecure coding practices, SQL or script injections can be used to attack a web
application (Taylor, David.,2002).
o Usage of unused ports, FTP, telnet weakens security.
o Awareness by public in using passwords and applications etc is less.
Solutions:

Security policies must test application code for vulnerabilities and find way to counter

any attacks.
ARP attacks can be kept away from this attack by utilizing the 'port-security' summon
accessible to most top of the line Catalyst switches, for example, the 4000, 4500, 5000

and 6500 arrangement.

VLAN trunking protocol attack can be avoided by utilization MD5 Authentication for all
VTP messages to guarantee no VTP message is handled by the customer switches if the

secret key contained in the message is not right(Taylor, David.,2002).

Some of the physical and system level security measures implemented in this network
are:

Authentication is mandatory when accessing servers or devices

Authorization is granted to only privilege users by administrator.
IP address enabling and disabling or changing is prohibited.
Rack mount servers are employed which can be easily locked.
Disabling of floppy drive, USB ports etc.
Antivirus is updated
Printers are available at responsible persons office.
Data is encrypted and stored in hard disks or RAIDS.
Packet filtering is done using firewalls.Access lists are formulated to deny

access of unauthorized users.

Network Monitoring tools depicts a framework that continually screens a PC
system for moderate or falling flat frameworks, and also use and execution,
and informs the system executive on account of blackouts or not exactly ideal
execution through email, pager or different cautions. These tools help in
following:

Banks Review On Network Security

Keep track of critical activities and softwares and gives notification to the

network administrator about any issues being faced.

Track trend
Troubleshoot
Plan for upgrades and changes
Ensure security
Saves money and increases profits.
Some popular network monitoring tools are: Spice work, Zabbix, Wire shark,

Microsoft Network monitor (Mitchell, B.,2015).

Banking network is prone to many kinds of network threats. Some of them are IP spoofing,
Denial of services attacks which may flood the traffic, Sync attack wherein TCP connection

is opened but initial hand shake is not intiated.etc.

For avoiding such attacks it is necessary to employ high bandwidth, have more servers,
have load balancing by spreading traffic to multiple servers, protect DNS server (Mitchell,

B.,2015).
If there is no need of ICMP then stop using them over the network. Routers must be
deployed so as they drop junk packets. Eg: dont allow UDP port 53 packets heading for

server.
Deploy firewall and intrusion detection system such that exchanges at the bank's
framework first experience an IPS that searches for weird organization requests and
actually denies anything taking after an Internet-based ambush. Your bank can work with

its IPS merchant to minimize unsettling influences of true blue framework development.
Once past the IPS, your Internet action encounters the firewall. We set these devices to
deny about with or without drawing closer action from answers to dynamic sales and an

obliged decision of organizations, for instance, site development and drawing closer email.
At long last, from within the bank's framework, I recommend an immense arrangement of
IDS sensors to screen the framework for strange action. This last line of assurance alerts
bank staff to extraordinary action samples and after that makes sense of if further action is

needed
Banks must impart awareness to customers regarding application, passwords and certain
safe guard techniques.