Assignment 5 Cybersecurity Measures for a Financial Institution | CSIS 343 - Cybersecurity
2. Secure Online Banking Practices: Develop guidelines for secure online banking
practices for both customers and employees. Propose measures such as secure login procedures, transaction monitoring, and customer education on phishing threats. Address the importance of secure communication channels for online banking transactions. Title: Guidelines for Secure Online Banking Practices Introduction: Online banking offers convenience, but it also comes with security risks. Developing and following secure practices is crucial to safeguard both customers and employees. This document outlines guidelines for secure online banking practices, focusing on secure login procedures, transaction monitoring, customer education on phishing threats, and the importance of secure communication channels.
Secure Login Procedures: a. Strong Passwords:
Encourage customers and employees to create strong, unique passwords. Emphasize the use of a combination of uppercase and lowercase letters, numbers, and special characters. b. Multi-Factor Authentication (MFA): Implement MFA for an additional layer of security. Recommend the use of biometrics, such as fingerprint or facial recognition, when available.
Transaction Monitoring: a. Real-time Alerts:
Enable real-time alerts for transactions, login attempts, and changes to account settings. Encourage customers to review and act on alerts promptly. b. Transaction Limits: Set transaction limits for online transactions. Notify customers when transactions exceed predefined limits, allowing them to verify or block the transaction.
Customer Education on Phishing Threats: a. Phishing Awareness:
Regularly educate customers and employees about phishing threats. Provide examples of common phishing scams and tactics used by cybercriminals. b. Verification
Practices:
Advise customers to verify the authenticity of emails, especially those requesting sensitive information. Remind them not to click on suspicious links and to independently verify the contact's legitimacy.
Secure Communication Channels: a. Encrypted Connections:
Ensure that the online banking platform uses secure, encrypted connections (HTTPS). Educate customers on checking for the padlock icon in the browser address bar. b. Secure
Messaging:
Encourage the use of secure messaging within the online banking platform for communication. Discourage sharing sensitive information through unsecured channels, such as email or social media.
Regular Security Audits and Updates: a. System Audits:
Conduct regular security audits of the online banking system. Promptly address any vulnerabilities or weaknesses identified during audits. b. Software
Updates:
Keep all software, including browsers and security software, up to date. Regularly update the online banking platform to patch security vulnerabilities.
Data Privacy and Compliance: a. Compliance with Regulations:
Ensure compliance with data protection and privacy regulations. Inform customers about the bank's commitment to protecting their personal information. Conclusion: Adhering to these guidelines will significantly enhance the security of online banking transactions. Regularly updating security measures, educating users, and maintaining a proactive approach to potential threats are essential for a robust online banking security framework.