" Network Security in Banks Contents1. Introduction ........................................................................................................................................... 32. Project Scope ........................................................................................................................................ 43. Project Objectives and Justification ...................................................................................................... 54. Literature Survey and Background ....................................................................................................... 55. Network Design .................................................................................................................................... 56. Network Security plan .......................................................................................................................... 77. Security Technology Implementation ................................................................................................... 8For the implementation of the security technology the following procedures must be followed: ................ 88. Discussion & Conclusion ...................................................................................................................... 89. References ............................................................................................................................................. 9 1. IntroductionArab Bank started in the year 1930 is considered as the largest among the Middle Eastfinancial institutions. The Arab bank extend their services to themto the consumers, corporatesand to the government organizations too. The growth of the Arab bank is tremendous and theircustomers are extent throughout the world is increasing. In the current situation with respect togrowth the Arab bank is lagging behind in the network security. The network security is moreimportant because the confidentiality of the customers must be preserved to retain them. In thegrowing technologies network breaches are plentiful in the banking sectors. It also leads tomisuse of the transactions and improper disclosures.To prevent all these and ensureuninterrupted functioning of the banking process the network infrastructure and network securityis important. This project ensures a secure network infrastructure for the Arab bank by provingthe existing designs and the security plans.Project Title Network Security in banksProject Sponsor Bank XYZProject ManagerStart DateProjected Finish Date Roles and ResponsibilitiesNameProject Role Position ContactBank XYZ Sponsor Project Manager Team Member CustomerExpert AdvisorMilestones and DeliverablesMilestones Deliverables Expected DateProject ProposalBc2. Project ScopeIn our project we have used secure network for the bank better than the existing networkby improvising the VLANs, Routing Protocols, WAN, WLAN and network security. Considering the Arab Banks in Middle East, it has various branches spread over the region. Theinfrastructure with regarding to the network is spilt into the three: Headquarter, Branches andBackups. The headquarters located at the middle of the region has the mainframe computer withSystem Networks Architecture (SNA) for the Automated Teller Machines (ATM). Flexible LANand WAN connections are used for inter connecting the branches. The draw back in this systemdesign is that still they use IPX/SPX communication between their branches and has to rely onthe support of external vendor for the processing. The processes are solely dependent on theIPX/SPX, SNA and ICT for the network infrastructure services. The complexity in the ICTinfrastructure is high.This becomes a hindrance for the business growth and reduces thesustainability.These types of systems require very high maintenance making the investment ofthe bank high in the network section. The growth of the bank including new branch opening isconsidered as 30% per annum. But the sustainability of the current network is very low that itcannot compensate the growth of the bank for more than 3 years. Our project mainly concentrates on these issues in the infrastructure side and there improvising the network securityas discussed above.3. Project Objectives and JustificationOur task is to mainly design a network infrastructure with high reliability, security, scalabilityand improved performance. The security should not disturb the existing process of the ArabBank. Theobjectives goals can be divided in to the following: 1. improving the network infrastructure using the new design 2. Security plan without affecting the processes 3. Real time implementation to ensure its robustness4. Literature Survey and BackgroundThe literature survey provides the exposure to the many unidentified in terms of networkinfrastructure and security. Various threats have been recognized in the existing network securityplans. There are some advanced security plans which learns from new security breaches andprevents further breaches of the same kind. Bu the reliability of the system decreases as theprotection from security breach is only perfect from the second time of the breach. Apart fromthese the main goals of the network infrastructure didn’t deviate from the customer satisfaction.In all the aspects the satisfaction of the customers is the imperative feature of the network designand the security.5. Network DesignThe network design includes designing of the Local Area Networks (LANs), Virtual Local AreaNetworks (VLANs), Wide Area Networks (WANs) and Virtual Private Network (VPNs). TheCIDR format is used for the IP address allocation in the proposed design. The public and privateIP addresses should of diverse range for different groups. The range of the addresses must discuss with the project sponsor and must be implemented upon approval. The security, networktraffic, performance, dependability, scalability, obtainability must be ensured for each of theabove discussed networks. To design a network infrastructure with all these aspects requires avast number of real time data for analysis. The required data must be collected from therespect5ive personalities of the bank and assumptions can be made in certain situations like theoperation of the ATM machines. The time of operation of workstation in branches can beassumed from 8:00AM to 6:00PM.For this design, take into account the following:a. The network traffic generated by the host can be from servers, their backup devices, ATMsand the clients b. The suitability of the existing WAN linksc.The suitability of the existing WAN frame worksd. The suitability of the existing LAN linkse. Necessities for the VLANsf. The devices used like routers and switches in the corresponding site or location g. The allocation of IP address for the main network devices and the sub networksh. Traffic separation by using sub-netting with IP address distribution i. Positioning and selection of firewall strategies such as single firewall, dual firewall and statefulpacket filter j. Proxiesk. Network Address Translation/Port Address Translationl. Dematerialized Zones (DMZs)m.The planning routers and their routing tablesn. Lists for controlling the firewallso. Device allocation and the network topology diagram Figure: WAN layout of the Arab Bank6. Network Security planThe network security plan should contain as minimum the following: 1. The importance of the security plant and its outline2. The areas of the organization in which the plans are applied and outline of it.3. The assumptions made while preparing the security plan and documentation of those4. The clear and brief statements about the security plan. 5. The analysis of the current threats, vulnerabilities and challenges faced while designing thesystem along with the shortcomings in the existing system with respect to the organization risks6. The policies followed for the protection from expected network security attacks7. Recovery from the disasters and their respective business continuity plans8. The strategies followed for maintain the security policies 9. The other risks such as the cost of migration to the new system, usage of newer technologyand educating them to the clients and users.10. The recommended resources and their cost including the maintenance7. Security Technology ImplementationFor the implementation of the security technology the following procedures must be followed:1. Procedures for the data back up and the recovery.2. Secure the data handled by the staff by using the Work At Home procedures (WAT)3. The actions like accessing, sharing, downloading and uploading the data must be performedby using proper authentication systems for secured data handling.4. The prevention of spam emails is more significant5. The various protocols such as FTP, HTTP, SMTP, DHCP, DNS must be improved in terms ofthe robustness in terms of the authentication, control for the domains, load balancing in the database and other specialized actions.6. The network security includes the dematerialized zones, improved firewalls, Cryptography,encryption and usage of proxies.7. Framing of the security policies8. Discussion & ConclusionThe network design is considered as an effective one without comprising on the client’ssatisfaction. The security aspects proposed does not affect the existing banking processes. Thecost of implementing the new network infrastructure is redeemable one. The maintenance of theproposed system is comparatively low than the existing system in terms of performance. Simplesecurity threats like spam emails are also taken care as a threat as security breach in networksecurity policies. Relying on a vendor for load balancing and server maintenance is avoided inthis design. The sustainability of the proposed system is very high with respect to the growth ofthe organization and can be reliable for many years with respect to increasing clients andprocesses. The quality of the network infrastructure is very high in terms of load balancing depending on the periodical and constant loads. The security breaches can be prevented withhigh encryption and cryptography techniques. 9. ReferencesAlbrechtsen, E. (2007) A qualitative study of user's view on information security. Computer andSecurity 26 (4): 276–289. Backhouse, J. and Dhillon, G. (1996) Structures of responsibility and security of informationsystems. European Journal of Information Systems 5 (1): 2–9. Beatson, J.G. (1991) Security – A personnel issue: The importance of personnel attitudes andsecurity education. In: K. Dittrich, S. Rautakivi and J. Saari (eds.) Computer Security andInformation Integrity. Amsterdam, The Netherlands: Elsevier Science Publishers, pp. 29–38.Cavaye, A.L. (1996) Case study research: A multi-faceted research approach for IS. InformationSystems Journal 6 (3): 227–242. Debar, H. and Viinikka, J. (2006) Security information management as an outsourcedservice. Computer Security 14(5): 416–434.Denzin, N.K. (1989) The Research Act, 3rd edn. Englewood Cliffs, NJ: Prentice-Hall.Dhillon, G. (2001) Challenges in managing information security in the new millennium. In: G.Dhillon (ed.) Information Security Management: Global Challenges in the New Millennium.Hershey, PA: Idea Group Publishing, pp. 1–8.Dhillon, G. and Backhouse, J. (2001) Current directions in IS security research: Towards socio- organizational perspectives. Information Systems Journal 11 (2): 127–153. Dhillon, G. and Torkzadeh, G. (2006) Values-focused assessment of information system securityin organizations.Information Systems Journal 16 (3): 293–314.Dobson, J. (1991) A methodology for analysing human and computer-related issues in securesystems. In: K. Dittrich, S. Rautakivi and J. Saari (eds.) Computer Security and InformationIntegrity. Amsterdam: Elsevier Science Publishers, pp. 151–170. Eisenhardt, K.M. (1989) Building theories from case study research. Academy of ManagementReview 14 (4): 532–550. Flick, U. (1992) Triangulation revisited: Strategy of validation or alternative? Journal for theTheory of Social Behaviour22(2): 175–198. Galliers, R.D. (1992) Choosing information system research approaches. In: R. Galliers(ed.) Information Systems Research: Issues, Methods and Practical Guidelines, pp. 144–146,Oxford: Blackwell Scientific Publications.Gefen, D., Karahanna, E. and Straub, D. (2003) Trust and TAM in online shopping: Anintegrated model. MIS Quarterly27 (1): 51–90.Gefen, D. and Straub, W. (2004) Consumer trust in b2c e-commerce and the importance of socialpresence: Experiments in e-products and e-services. Omega 32 (6): 407–424. James, H. (1996) Managing information systems security: A soft approach. In P. Sallis(ed.) Proceedings of the Information Systems Conference of New Zealand. Washington DC:IEEE, pp. 10–20.Janesick, V. (2000) The choreography of qualitative research design. In: N.K. Denzin and Y.S.Lincoln(eds.) Handbook of Qualitative Research. Thousand Oaks, CA: Sage.Keeney, R.L. (1999) The value of internet commerce to the customer. ManagementScience 45 (3): 533–542. Kokolakis, S.A., Demopoulos, A.J. and Kiountouzis, E.A. (2000) The use of business processmodelling in information systems security analysis and design. Information Management andComputer Security 8 (3): 107–116. Koskosas, I.V. (2008) Goal setting and trust in a security management context. InformationSecurity Journal: A Global Perspective 17 (3): 151–161. Leach, J. (2003) Improving user security behaviour. Computers and Security 22 (8): 685–692. McKnight, D.H., Cummings, L.L. and Chervany, N.L. (2002) Developing and validating trustmeasures for e-commerce: An integrative typology. Information Systems Research 13 (3): 334– 359. Mikhailov, A.I., Chernyi, A.I. and Giliarevskii, R.S. (1984) Scientific Communications andInformatics. Arlington, VA: Information Resources Press. "