Дмитренко А. О., Панасюк І. М., Стасюк Ю. М.
Дніпропетровський національний університет імені Олеся Гончара
INFORMATION SECURITY OF COMMERCIAL BANKS
Nowadays, due to the overall informatization and computerization of banking area importance of information security of banks increased repeatedly. In the 1970-80 century data of the banks’customers or the bank’s activities were the object of information attacks. Such attacks were rare, their clients range was narrow, and the damage could be significant only in special cases. Currently, as a result of the spread of electronic payments, plastic cards, computer networks, object of information attacks is money both banks and their customers. Anyone can become a theif, you just need a computer connected to the Internet.
In a study published in 2009 by the American firm ClearCommerce [1], Ukraine is called a “hotbed” cibercrime as the majority of fraudulent with credit cards happens here. Conclusions of the study indicate that 20% of all orders coming from Ukraine are fraudulent. It means that “customers” use stolen information of credit card information. So, while network of users of banking institutions is expanding and access to them is becoming easier, the number of threats to computer systems as well as to the financial institution increases. The spread of so-called computer crime in the banking and credit area is explained very easily – huge funds are concentrated in this area, which are primarily interesting for criminals.
The objects of information security of commercial banks are:
1) data on personnel (management, responsible agents, employees);
2) information about the technology used by the bank;
3) information resources including:
- information on the activities and financial condition of the customer;
- information on all bank transactions and financial statements of the bank;
4) confidential electronic banking network.
The main purpose of information security is to ensure stable work of the bank and prevent threats on its security, protection from unlawful acts, disclosure, loss, diversion, distortion and destruction of proprietary information, malfunctioning hardware, software production activities, including equipment information.
Information security of banks provides information and analytical support for decision-making and for counteraction of attempts of unauthorized gathering of information which is the property of the bank, its customers or partners.
Information and analytical support of management decisions is made by collection and analytical processing of information about the condition and possible prospects of the business banking market. The purpose of this activity is to avoid the possibility of an unexpected occurrence of adverse factors and threats to the bank and to ensure management decisions that can minimize the effects of impact areas of the bank. To achieve this commercial exploration is used targets which targets are competing structures, as well as persons who may be or are bank customers.
One of the most promising directions in technical protection of information is the use of cryptographic systems [2]. Cryptographic information security system "Autograph 3.0", presented in 2001, is successfully used in commercial banks. It is the basis for the organization of systems of secure system of transmission and storage of information and allows identification function, integrity control and shelter data content.
The list of references:
1. Сайт організації ClearCommerce.Research [Електронний ресурс]. – Режим доступу: http://www.clearcommerce.com
2. Петренко С. Методические основы защиты информационных активов компании [Електронний ресурс] / С. Петренко. – Режим доступу: http://citforum.ru/security/articles/ zahita_aktivov.