We will write a custom Report on Security Technology Evaluation of Bank Solutions specifically for you
301 certified writers online
Maintenance of data security in banks is vital. Agency’s Disaster & Recovery/Business Continuity Plan is needed to proceed with this process. This plan allows some parts of the business to continue operating without interruptions to the customers. CSIA 485 case study presents the failure in ensuring data safety with regard to handling of storage tapes.
The system in use limits on accountability and credibility of data security. The plan which is used in CSIA 485 involves the development of information security policy, standard backup procedures, network design, information detection systems and various encryption methods. In the case of CSIA 485, there was a failure in system update.
Such an incident was caused by some technical issues, which shows that the participants of the critical plan did not have adequate training on the means of using DRBCPs (National Institute of Standards and Technology, 2009). The IT problem the company faces is rooted in the sever inefficiency that can be mitigated through efficient upgrading of the bank data systems.
Servers have different designs that function to provide for networking, cooling, management, interconnection and dynamism in data management and control. Servers help in consolidation of data and software for effective management, security and sharing within the bank.
This allows for moving of data, files, software and digital assets from laptops, desktops and mobile devices for central management and storage for the reduction of risks and costs. The shift is a vulnerable process since the bank intends to maintain process continuity as it upgrades the systems without disrupting services to customers.
Through adequate training on the use of the DRBC systems, users learn the best ways of confidential sharing of information within the bank. The technology shows security aspects relevant to the needs of Bank Solutions, Inc, which will allow for the development of standards of information security policy, backup procedures, network designs, information detection systems, and various encryption methods among others.
The system assures reliability through central monitoring and ensures efficiency in system updating (Kim & Solomon, 2011). The disadvantage of this system is that upgrading can make some of the bank employees in the decentralized data centers lose their jobs. Such a situation can lead to resistance from the staff members. Centralization reduces the responsibilities of staffs due to data centers. However, overworking server maintainers can cause delays in acquisition of authorization for access in critical times.
The costs associated with the setup of a secure server infrastructure involve acquisition, setting up and ongoing costs. Acquisition costs involve the acquiring of software and hardware necessary for the setting up of the system. This includes variable costs of EDA and CAM/ CAD tools dependent on the number of engineers employed to work on the process. Setup costs involve professional services for constricting the storage server, application server as well as other applications.
These costs involve the training of branch administrators on handling with daily operations for basic level support. Ongoing costs are classified in two divisions, labor costs and maintenance costs. Maintenance costs are fixed and used only on demand, while there is variability of labor costs. Each server in the company requires regular daily administration within the year for about 4 hours, and the labor involved costs about $50 per hour.
Decentralization strategy for the servers will cost the bank $1.6 million – 52.5%, as a one-time hardware, software and setup cost. Ongoing maintenance and support cost take 33% on a spending within 3 years. This can increase to 46% of overall operating costs within five years.
To avoid the failure in systems’ updating, Bank Solutions can use a centralized approach to setup its server operations. Such a measure is helpful of reduction of setup and administration costs. Instead of spending on pocket servers for the use of few users, the IT managers can take advantage of economies of scale through the creation of few servers, storage servers and powerful applications. The cost of acquisition in the centralized system is $544,000 with setup being $33, 000 and ongoing expenses of $334,200.
However, through the utilization of the power of performance efficiency of decentralized systems and the possibility of elimination of distance through virtual connectivity of users, the centralized solution is the best choice for the data security. It will help in reducing of acquisition costs, setup and ongoing costs for short and long-term operations.
The maintenance of this technology is an issue, which requires comprehensive dissection to prevent any instances of abrupt failure (Slezak, 2009). For instance, the section of maintenance calls for periodical upgrading of software, computers, payments of employees responsible for taking care of the technology, replacement of hardware and other security equipment.
The maintenance of the servers will facilitate security services to avoid detrimental complications of server issues. Users must be responsible for protection of sensitive data through secure management of passwords.
Get your first paper with 15% OFF
The database administrator takes care of administration of databases, assigning local user roles and granting system privileges. It also requires the maintenance of underlying security in data transmission in various operating systems. Trusted application administrators help in creation and administration of accesses and user privileges as well as maintenance of security in the centralized enterprise.
Avoidance of server issues requires ongoing checkups and proper management to ensure smooth running of the technical infrastructure. A barrier to success in the centralization of the server system can result from employees who feel that they may lose their jobs. It is also apparent that centralization increases responsibility of fewer IT specialists and calls for advanced trainings to handle the new systems.
The security system must be FDIC compliant for the bank to develop a storage area network in the head office of the bank. The second one can be developed in one of the data centers with a reduction of server requirements to a single rack and elimination of patched storage of data storage tapes.
The main server is capable of rescuing information in the alternate data center within 5 minutes allowing customers and employees to continue accessing their accounts without noticing the failure interruptions. The achievement of this comes with its financial implications; such training requires huge financial commitment (Camara et al., 2011).
Lack of required skills can delay effectiveness in convergence that can hamper the daily operations of the bank. Any slight hitch in shifting from decentralized to centralized servers, unless professionally executed, can hinder normal bank operations and lead to customer dissatisfaction. Such vulnerability requires thorough evaluation and timing of the transformation processes.
The setup has ample proximity advantage since it enhances the performance of Windows’ applications in the bank. Since users and applications are at the same location, high performance may be guaranteed. Centralization of the server system is flexible and not bound to specifications. It will allow the bank to make extensions on its systems and alter its layouts without resource wastages.
It helps in consolidation and reduction of crowding of server racks in the data centers ultimately reducing the maintenance costs. Centralization allows for integration of operations and monitoring of the systems for the ease of cross sectional analysis necessary for upgrading the Bank Solutions information gained from all the departments regarding the customers, costs and employees’ data to ensure the effectiveness of updating.
Such an approach ensures the improvement of service quality. The system helps in enhancing performance through coordination of security, customer support and cost control. In CSIA 485 case, the failure happened due to obsolete servers which they were no longer necessary in the centralized system. This challenges the viability of the costing of upgrading resources since they are irrelevant to the new system.
Centralization of Bank Solutions, Inc seeks to address the issues in the server security system. The management should address such issues as updates of software, perform regular tests of item process facility, provide secure channels, partition employees according to levels of data access, and improve system efficiency as required by the bank.
It will reduce the present data tape storage in unsecure means within data centers, external storage facilities backyards and at Bank Solutions Data Center East, which can lead to data being compromised. However, as the case of CSIA 485 shows, the disadvantage rests on IT professionals, who are in charge of the data centers, since their services become unnecessary in the centralized system, and it might lead to firing most of them, which can result in resistance hampering smooth operations in the bank.
The case of CSIA 485 requires that Bank Solutions, Inc centralize its servers to effect efficient management of the data systems. Through the adoption of efficient standards, the bank data remains secure and available to only those who receive authorization.
Centralization will eliminate duplication of IT infrastructure in the offices and reduce on unnecessary IT expenses leading to high efficiency of utilization of resources and elimination of potential data insecurities. The company must be ready to incur the costs involved and take advantage of the flexibility that the system will provide. Through effective maintenance and availability of the necessary requirements, the company will be in a position of assuring customer satisfaction always.
Camara, S., Crossler, R., Midha, V. & Wallace, L. (2011). Disaster Recovery and Business Continuity: A Case Study for CSIA 485. Journal of Information Systems Education. 22 (2), 117-122.
Kim, D., & Solomon, M. (2011). Fundamentals of information systems security. Sudbury, MA: Jones & Bartlett Learning.
National Institute of Standards and Technology. (2009). Recommended Security Controls for Federal Information Systems and Organization. NIST Special Publication 800-53 Revision 3. Retrieved from https://csrc.nist.gov/publications/detail/sp/800-53/rev-3/archive/2010-05-01