1 / 25

Banking Role of Security Products

Banking Role of Security Products. Subramanyam Venkatakrishnan Country Manager – Software Group IBM Vietnam Email : subra@vn.ibm.com. Topics. 1. Banking Overview. 2. Security and the Banking Front Office -. Security and the Banking Back Office. 3. 4.

jocelyn-mays
Download Presentation

Banking Role of Security Products

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. BankingRole of Security Products Subramanyam Venkatakrishnan Country Manager – Software Group IBM Vietnam Email : subra@vn.ibm.com

  2. Topics 1 Banking Overview 2 Security and the Banking Front Office- Security and the Banking Back Office 3 4 Security and Banking Risk and Compliance

  3. Banking Overview

  4. Banks face many challenges today

  5. Drivers of Bank Spend • Reduce operation costs • Reduce IT maintenance costs • Focus on core business activity • Grow top line • Create a basis of differentiation • Rapidly develop and deploy new products • Reduce overall risk exposure • Reduce capital requirements • Comply with all regulations • Strengthen operation controls • Examples: • Improve customer service through online system, ATMs, and branch outlets • Examples: • Lower paper-based transaction costs • Examples: • Prevent operational risks from creating a business disruption

  6.   Risk Management starts with regulatory compliance, but moves to improve competitive advantage VALUE ERM evolves from checking of lists to becoming the nervous system of the business TRANSFORM • Equity Premium • Reduced Insurance Cost • Higher Credit Rating / Lower Cost of Debt • Brand equity “Lever Compliance for Competitive Advantage” IMPROVE MATURITY CONTINUUM • Drivers: • Enhanced Decision Making • Increasedtransparency & speed • Process robustness • Risk mitigation • Streamlined reporting • Increased accountability • Increased investor confidence “Optimize and Sustain” COMPLY “Penalty Avoidance” COST STAKEHOLDER VALUE

  7. The fear of systemic failure, will drive central banks to define norms for risk and compliance Timeline Events Regulatory & Market Response

  8. Security plays a big role in managing Operational Risk, the second biggest, after Credit 5% 5% 30% Market Risks Credit Risks 60% Operational Risks Other Risks

  9. Security and the Banking Front Office

  10. Banking Front Office Initiatives Common front office banking initiatives Grow the business Co-browsing service to boost application rates and reduce application errors Channel integration to consolidate customer information and to create more targeted ads Leverage all channels (online, branch outlet, contact center) to drive cross-selling and up-selling Strategic partnerships to offer more comprehensive menu of financial products, i.e. bank partnering with capital markets firm to offer a mutual fund Drive operational efficiencies Lower cost of supporting customers by driving more online traffic Improve productivity of branch sales reps and contact center support reps Ensure operational resilience Eliminate or minimize identity theft risks and fraudulent activity Improve quality of information gathering for new customers to ensure compliance with Patriot Act and other AML initiatives

  11. Security adds value for the following projects Grow the business Drive operational efficiencies Ensure operational resilience Eliminate or minimize identity theft risks and fraudulent activity

  12. Automate customer account management to minimize lossesvia Tivoli Identity Manager and Tivoli Access Manager ISSUE Once identity theft or fraud has been detected, customers often experience difficulty getting their accounts immediately close, which increases their losses Account activity monitoring to provide audit trail useful for fraud investigation Tivoli Identity Manager provides… • Automated account management, including provisioning of access rights and the denial of those rights based on corporate-defined privileges Tivoli Access Manager provides… • Account auditing • Real-time authentication of access to OSs, DBs, apps, and directories Benefits • Ensure rapid responses to customer complaints • Limit losses associated with identity theft

  13. Security for Banking Back Office

  14. Banking Back Office Challenges Driven by the Business • Business drivers of flexibility • Shorter lifecycles for financial products • Competitive threats • New regulations and industry standards to adapt to (Check 21, SOX, Basel II) • And yet…. • Continued use of legacy systems, lack of automated tools • Flat to minimal investment in automation tools • Business drivers of cost growth • Application complexity driven by diversification of products • Focus on risk management (credit, market, operational, etc.) • Greater demands for IT QoS • And yet… • IT has been given smaller budgets and must demonstrate ROI • Bloated administrative overhead to remain flat

  15. Security adds value in the following initiatives Improve efficiencies and lower costs Continue to drive internet usage among customers to reduce support costs Improve business flexibility and responsiveness Business process outsourcing/off-shoring

  16. Enable growth objectives related to outsourcing or strategic acquisitions through secure partner networks and identity mgmtvia Tivoli Federated Identity Manager, Tivoli Identity Manager ISSUE Financial institutions spend over $1B annually on offshoring; more firms looking to outsourcing credit card, debit card, and mortgage loan application processing Mergers and acquisitions force rapid personnel changes These factors exacerbate identity theft and fraud concerns, which already cost US firms over $2.4B in 2004 Tivoli Federated Identity Manager and Tivoli Identity Manager provides… • Automated account management and self-administration of passwords • Trusted network security among business partners Benefits • Enable strategic growth through trusted partnership networks • Lower complexity, time, and resources spent on personnel management following organizational changes

  17. Security and Risk and Compliance

  18. Banks must meet stringent regulatory requirements while controlling costs Common Pain Points • Need to meet stringent demands for enterprise security and records management stemming from the regulatory climate (e.g. Sarbanes-Oxley) • Need a flexible IT infrastructure that adapts to regulatory changes and supports both business unit and risk management goals (e.g. Basel II) • Escalating risk and compliance-related costs • Must build an enterprise-wide risk management infrastructure and be predictive not reactive Risk Compliance • Need to better understand bank risk exposure (credit, market, liquidity) • Manage reputation • Prevent destabilizing external threats stemming from virus or DOS attacks • Increased disclosure requirements bring tighter control on reporting systems • Ensure system security compliance Goals

  19. Security adds value to these Banking Risk and Compliance initiatives Identity theft and fraud Customer account management to prevent losses related to identity theft or fraud Auditing of account access and activity for future investigations into malicious behavior Operational resilience Ensure system security compliance for all corporate IT resources Implement enterprise-wide security and compliance policies that can flexibly adapt over time as regulations modify or expand Prevention of external threats such as virus attacks or DOS attacks Records management and retention

  20. Automate customer account management to prevent lossesvia Tivoli Identity Manager ISSUE Once identity theft or fraud has been detected, customers often experience difficulty with getting their accounts closed, which increases their losses Once a victimized account gets shut down, customers want new accounts quickly setup Enterprise-wide identities difficult to manage, allowing for improper access of sensitive corporate or customer data to the wrong person within an organization Tivoli Identity Manager provides… • Automated account management, including provisioning of access rights and the denial of those rights based on corporate-defined privileges • Ensure brokers, traders, branch sales reps, etc. gain access to the applications they need to perform their roles Benefits • Ensure rapid responses to customer complaints • Limit losses associated with identity theft • Help meet regulatory standards related to internal controls

  21. Limit losses associated with identity theftvia Tivoli Access Manager ISSUE Identity thieves are often able to access accounts after a theft has been reported and an account closure requested Account activity isn’t always monitored, which makes investigating a fraud claim difficult Tivoli Access Manager provides… • Centralized, real-time authentication of OSs, DBs, apps, and directories • Enforce corporate security policy related to user application and data access • Audit application usage Benefits • Ensure rapid responses to customer complaints • Limit losses associated with identity theft • Help meet regulatory standards related to documenting robust internal controls

  22. Prevent external risks that threaten operational resilience via Tivoli Risk Manager ISSUE DOS or virus attacks can cripple the availability of online services used by employees or customers Operational discontinuities result in lost business, dissatisfied customers, and IT costs spent on remediation Tivoli Risk Manager provides… • Proactive network and web intrusion detection to prevent external threats from entering the enterprise network • Problem isolation and remediation Benefits • Keep customer and employee application services up and running • Minimize IT resource consumption spent on network health and performance

  23. Align all systems with corporate security guidelinesvia Tivoli Security Compliance Manager ISSUE Spamming software often gets embedded on user machines, making them vulnerable to abuse and slowdown Systems that fail to adhere to the corporate security guidelines often go down, making themselves vulnerable to disruptions or failures to bugs, viruses, etc. Very costly today to identify and fix out-of-compliance systems Tivoli Security Compliance Manager provides… • Scanning of systems to identify out-of-compliance laptops, PCs and servers • Integrates with other Tivoli provisioning capabilities to perform rapid, error-free corrective action Benefits • Ensure corporate compliance • Protect employee productivity through well managed IT resources • Decrease administrative costs due to IT process automation

  24. Enforce corporate system security through automated config managementvia Tivoli Configuration Manager ISSUE Employee PCs, laptops, and corporate servers often lack critical software updates such as fixes and patches Systems that fall out of compliance with the corporate standards of system security often vulnerable to attack or system failure System downtime results in lack of productivity or responsiveness to customer inquiries Tivoli Configuration Manager provides… • Automated deployment of much-needed software bundles, including patches, e-fixes, and new application releases • Fault tolerant distribution of software Benefits • Help enforce corporate system security compliance and thereby reduce operational risks • Protect employee productivity through well managed IT resources • Decrease administrative costs due to IT process automation

More Related