Security of networks and systems operating in business organizations is of paramount importance to all business engaged in electronic commerce and online commerce (Lawrence et. al. 2006). The essay sets off with a critical review of the term security in the context of information systems, which illustrates the treats and risks arising from extensive use of information systems. Then, through a case study of banking giant Citibank, the essay addresses which security measures and how security management's are conducted to subdue threats and risks by Citibank in securing its information system and business.
Company Profile Citibank
Citibank is a major international bank, founded in 1812 as the City Bank of New York. Citibank is now the consumer and corporate banking arm of financial services giant Citigroup, the largest company in the world. Citibank offers a wide range of checking, savings, CD and retirement products — and all come with many free services including online banking, convenient account access, and 24/7 support (Steven, 2005). Citibank Online lets its customer take care of business without visiting a branch — they can pay bills, view account activity, make transfers, send wires, and use a wide variety of self-service options(Citibank.com). Citibank.com is the source of information about and access to domestic financial services provided by Citibank retail banking and the Citigroup family of companies (Citibank.com).
Security Threats and Risk faced by Citibank
Security breaches of banking activities essentially fall into three categories: breaches with serious criminal intent (e.g. fraud, theft of commercially sensitive or financial information); breaches by 'casual hackers' (e.g. defacement of web sites or 'denial of service' - causing web sites to crash) and flaws in systems design and/or set up leading to security breaches (Lawrence et al, 2006).
Online Fraud
Spoof (a.k.a. phishing or hoax) e-mails that appear to be from Citibank can put its customer at huge risk. Although they can be hard to spot, they generally ask the customer to click a link back to a spoof web site and provide, update or confirm sensitive personal information. To bait the user, they may allude to an urgent or threatening condition concerning their account.
Identity theft
Identity theft happens when someone uses another person's personal information to commit theft. This information may be as simple as date of birth, or as detailed as a Social Security number. Identity thieves use this information to open credit card accounts, obtain loans, drain bank accounts and more.
Trojan Horse, Viruses and Worms
Any email carries a Trojan Horse that plants a back door on an infected computer will allow a hacker to use the machine as a channel for other activities on the Citibank information systems. Often, viruses or worms are smuggled inside a Trojan horse. None should be underestimated, either alone or in combination, cause the potential for damage or irretrievable loss is real and sometimes uncountable(Lawrence et al, 2006).
How Citibank Information System Is Secured
As all of these threats have potentially serious financial, legal implications, security of information system should not be ...