By Kelly Crancer p. 328

decisioncrunchΔίκτυα και Επικοινωνίες

20 Νοε 2013 (πριν από 3 χρόνια και 8 μήνες)

83 εμφανίσεις

By Kelly Crancer

p. 328

670,000 account numbers and balances were
seized by New Jersey mastermind.

Bank of America, Commerce Bancorp, PNC
Financial Services Group, and Wachovia were
the victims

In the past, banks found the cost too high to
invest in the security technology.

Now, the market value of personal
information becomes important, causing
banks to invest in the technologies.

Worm reroutes the bank’s URL to thief's

two factor authentication



Then, enter password

Unusual computer
answer a personal

Wallet” questions
not found on
driver’s license

Key fobs
change password every 60 seconds

factor authentication pilot
businesses making electronic transfers will
need the key fob

Customers with more than $50K
free Digital
Security ID for network authentication

Displays new 6
digit codes every 60 seconds to
log on with

transfer delays to detect suspicious

Due to phishing incidents
large transfers from
victims’ accounts to “mules” accounts

Created based on e
mail solicitations

Monitoring actions

Notifies customers when logging in at different
city than normal or numerous transfers

What reason would a bank have for not
wanting to adopt an online
transfer delay

Customers can’t access their funds

Why is network security critical to
financial institutions?

All the bank’s money is accessible via the
computer and could be stolen with little record
of where it went.

Explain the differences between the types of
network security offered by the banks in the
case. Which bank would you open an account
with and why?

Bank of America has the best form to fit my needs
with the two
factor authentication.

I don’t see the need for key fobs with different
passwords so frequently with Wells Fargo.

Trade would be better for their customers with
large sums of money using the device with a new
code ever 60 seconds.

Barclays’ delays would not be as important to me,
with smaller sums of money because I need
immediate access at certain times.

What additional types of network security,
not mentioned in the case above, would
you recommend a bank implement?

I think a device with fingerprint hardware
would be very valuable to online bank users.

Identify three policies a bank should
implement to help it improve network
information security.

Be willing to change with technology.

Make users change their passwords frequently.

Have monitory verification managers to watch
suspicious activity.

tech scheme, low
tech tool)
using the telephone to ask for account

Makes the caller ID look legitimate

V stands for voice

If you get a call requesting this information,
hang up and call your bank

If it was a real bank request, they will let you
give it when you call back

Otherwise, report the caller


Dialing For Your Dollars

Justin Pritchard