Introduction
Barclays
bank is one of the highly reputable multinational organizations that offer
financial services. In fact, the level of competition that it poses to other
financial institutions is higher, mainly due to the adoption of a
digitalization to most of the operations taking place. This has tremendously
led to efficiency, effectiveness, and timely service provision, hence improved
customer satisfaction. However, there is a negative part of the adoption: the
firm's information system is under threat of security risks originating from
malicious hackers who implants backdoors and utilize the security loopholes in
the system. These malicious security threats can also come in the form of
viruses, worms, computer spams, spyware and botnet. Fully aware of these, the management of
Barclays bank has invested a significant funding on the computer security
through hiring of white-hat hackers, acquisition and installation of
anti-viruses, and training of the security staff on computer security measures.
Therefore,
this paper seeks to discuss the effect brought by the computer viruses to the
financial institution, the effectiveness of the tools employed in combating
these threats, and also risks faced by the bank that emanates from these
security threats.
The
effect of Computer Viruses and Malware on Barclays ’
Information System.
There
are various effects to system security that arises from viruses and malware is.
These are discussed below;
1.
Loss
of the Vital Organization Classified Data to the Competitors.
In order to outdo each other,
competition levels amongst organization can peak at unfair levels. Every year,
Barclays Bank faces numerous attacks to its server system which can be traced
back to other financial institutions. These institutions hire hackers that can
be able to launch viruses and malware that have the ability to create backdoors
on the computer system. Eventually, the competitors can be able to acquire data
from Barclays , which can then be used to gain a
competitive advantage. The data can include both short-term and long-term
strategic plans for the financial institution.
2.
Emptying
of Customer’s Financial Accounts.
Some computer viruses, worms, and spyware
are specifically designed for transfer of digital information concerning
financial accounts of customers. This information can later be used to steal
finances from the customers. Given the sensitivity of the matter, most
financial institutions fail to disclose the information regarding the security
breach on customer data for the fear that they will lose the customers.
However, the Barclays bank has in the past acknowledged this imminent threat,
but promised to find the most effective ways in which to combat the same.
3.
Slowed
Computer Information System.
There is an existence of a
specialized computer virus that when launched, they have the capability of
self-replication. Others are able to infinitely re-launch on the system, hence
alarmingly increasing the level of computer activity. Eventually, the computer
information system slows down or crashes, thus minimizing the effectiveness of
the system (Filiol, 44).
4.
System
Data Corruption
Viruses and malware can distort and
corrupt the financial information contained in the information system. In the case of Barclays bank, data contained
in the information system includes the financial details of customers,
transaction details, employee information, corporate social responsibility data
and managerial information. Loss of such data is quite a disadvantage to the
organization, especially if it is permanently corrupted, hence irrecoverable.
To combat this, Barclays bank has heavily invested on a data back-up system for
easier retrieval in case of a loss. Additionally,
some information is still kept manually and in analog form.
Information
System Security Measures
1.
Training:
Barclays Bank has initiated a
program for periodic training of staff on information system security. It
involves the creation of awareness of the imminent threat posed by the viruses,
their evolution, and the ways in which it can be prevented. For instance, it is
recommended that the employees should avoid opening spam emails to avoid
planting backdoors on the system unaware. They are also trained on the ways of
strengthening their passwords to avoid cases of identity theft.
2.
Hiring
of Computer Security Experts
A computer security expert refers to
the highly trained and experienced personnel on ways of detecting and
effectively neutralizing system attacks. Including Barclays bank, most of the
financial institution are annually setting aside increasing amount of funding
for the ever-growing cluster of threats to the information system. It is worth
investing on this in order to avert the heavy losses arising from the loss of
customer data and the firm’s financial strategic information. Before causing
significant damage, computer viruses can be detected by the security experts,
hence diminishing their intended harm.
3.
Information
System Data Back-Up
Viruses and malware have the ability
to corrupt data. Depending on the type of virus, corrupted data is hardly
retrievable and can be lost forever. In the wake of this realization, Barclays
Bank has set up a back-up system that enables retrieval of the data. All the
vital information stored in the information system is automatically backed up
on a highly secured cloud system. As an additional security measure, the data
is also stored on a ground data back-up facility.
4.
Installation
of Anti-Spyware and Anti-Virus Software.
As virus and malware menace grows,
there is a witnessed rise in the number of start-up technology companies that
specializes on Anti-Virus and Anti-Spyware Development. It is approximated that
most of these start-ups are the same that creates viruses and spyware, and then
offer a solution (anti-virus) at a fee. An anti-virus is application software
that has the ability to detect viruses, malware and spyware. Subsequently, this
software recommends to the system user to perform a full system scan and
eliminate the system threat. Its installation is one of the effective ways in
which to eliminate a threat. However, there is a need to constantly update them
for detection of the latest threats to the system. This usually costs a
significant amount, but worth it (Bidgoli, 450).
Business Risk
Any organization — including
financial institutions – that does not invest ways to combat the risks brought
by the information security attacks, faces the risk of losing market share to
other competitors. For instance, in a financial institution, realization by the
account holders that there is a likely security breach for the information
system that can lead to loss of their account information; they will withdraw
and empty their accounts for the fear of loss. Ultimately, they will open
accounts at a competitive financial institution that invests on system security
measures. In turn, this will lead to heavy losses to the departed institution,
which can trigger the inability to meet operation costs and other financial
obligations. Eventually, the bank services will be terminated abruptly as a
result of bankruptcy.
Recommendations.
The
following are my recommendations that can help the organizations in reducing
computer virus risks:
a. The
information systems should regularly be inspected for any sign of abnormality
in services brought by viruses. This can be done through uses of anti-viruses
to fully scan the systems. Sophisticated anti-viruses come with an option of
auto-scan that enables the system to eliminate threats all by itself.
b.
System security experts should be
employed. Additionally, they should be regularly trained to refresh and update
them on the latest causes of Information system threats.
c.
Acquisition and regular update of the
anti-virus software. Therefore, funds should be set aside in order to meet this
cost.
d.
Computer security awareness creation
should be implemented by the computer security experts towards the employees.
This should be done periodically.
e. Computer
security reminders should be pinned at the workplace notice boards. This will act
as a reminder to the information system users on security matters.
No comments:
Post a Comment