scholarly journals Strengthen the Security Management of Customer Information in the Virtual Banks of Hong Kong through Business Continuity Management to Maintain Its Business Sustainability

2021 ◽  
Vol 13 (19) ◽  
pp. 10918
Author(s):  
Haosheng Chen ◽  
Daniel Tse ◽  
Pengfei Si ◽  
Gefei Gao ◽  
Chang Yin
Keyword(s):  
Hong Kong ◽  
Information Security ◽  
Case Studies ◽  
Business Continuity ◽  
Security Risks ◽  
Business Sustainability ◽  
Regulatory Policies ◽  
Customer Information ◽  
Business Continuity Management ◽  
Questionnaire Surveys

This article looks at studies on how to use business continuity management for Hong Kong’s virtual banks in order to reduce customer information risks, so as to maintain business sustainability. Firstly, the development of virtual banks in Hong Kong were investigated, the laws and regulations and regulatory policies of Hong Kong and the Mainland were benchmarked, and the main risks that may occur and be harmful to the bank business sustainability were analyzed. Considering the characteristics of virtual banks, the main concerns of public customers about the IT risks of virtual banks through questionnaire surveys were collected and analyzed. Moreover, the importance of business continuity management to virtual banks was drawn. Secondly, in the case studies, via understanding the overall situation of WeBank, its performance during the COVID-19 pandemic, and the regulations of the Monetary Authority of Singapore, the practice standards of virtual banks in business continuity management were further clarified. At the end, three suggestions for virtual banks in Hong Kong were put forward to reduce customer information security risks through business continuity management, thereby maintaining its business sustainability.

Security Information and Event Management Implementation Guidance

2013 ◽  
pp. 94-115
Author(s):  
Yushi Shen ◽  
Yale Li ◽  
Ling Wu ◽  
Shaofeng Liu ◽  
Qian Wen
Keyword(s):  
Information Security ◽  
Security Analysis ◽  
The United States ◽  
Professional Judgment ◽  
Event Management ◽  
Security Risks ◽  
Customer Information ◽  
Simple Step ◽  
Security Information ◽  
Security As A Service

This chapter is about guidance and implementation prepared by the Cloud Security Alliance (CSA) Security as a Service (SecaaS) workgroup, which is made up of users and practitioners in the field of information security. In preparing this implementation guide, input has been sought from experts throughout Europe, the Middle East, and the United States. A lot of professional judgment and experience are applied in the architecture, engineering, and implementation of a Security Information and Event Management (SIEM) guide to ensure that it logs the information necessary to successfully increase visibility and remove ambiguity, surrounding the security events and risks that an organization faces. By providing SIEM as a service under SecaaS, the provider has to be able to accept log and event information, customer information and event feeds, and conduct information security analysis, correlation, and support incident response. By providing flexible real-time access to SIEM information, it allows the party consuming the SIEM service to identify threats acting against their environment cloud. This identification then allows for the appropriate action and response to be taken to protect or mitigate the threat. The simple step of increasing visibility and removing ambiguity is a powerful tool to understanding the information security risks that an organization is facing.

scholarly journals Tinjauan Kesiapan Terhadap Implementasi Business Continuity Management Systems (BCMS) Berbasis ISO 22301 dan ISO 27001 (Studi Kasus: PT. JPK)

2019 ◽  
Vol 13 (2) ◽  
pp. 76
Author(s):  
Evan Hardyanto Prakasita ◽  
R. V. Hari Ginardi
Keyword(s):  
Information Security ◽  
Operating Procedure ◽  
Gap Analysis ◽  
Management Systems ◽  
Business Continuity ◽  
Top Management ◽  
Business Continuity Management ◽  
Control Objective ◽  
Iso 27001

Dengan berkembangnya teknologi dan matangnya setiap orang dalam menggunakan TIK, maka muncul sebuah tuntutan dari setiap orang yang menggunakan layanan perusahaan mengenai keharusan memiliki Business Continuity Management Systems (BCMS) dalam penyediaan layanan maupun ketersediaan produknya. Oleh sebab itu, diperlukan sebuah solusi agar para pengguna TIK (pegawai dan pelanggan) dapat terus menggunakan layanan yang diberikan oleh perusahaan. Hal ini melatar belakangi menejemen PT. JPK menerapkan BMCS. Dengan penerapan tersebut maka, tujuan dari penelitian ini yaitu guna mengukur kondisi dan kesiapan saat ini PT. JPK terhadap BCMS berbasis ISO 22301 dengan pendekatan control objective mengenai Information Security Aspects of Business Continuity Management dari ISO 27001, lalu melakukan strategi pememenuhan gap dan mempunyai Strandard Operating Procedure (SOP) hingga bisa digunakan perusahaan untuk sertifikasi ISO 22301. Langkah dimulai dari Studi literatur yang terkait dengan BCMS, sejarah maupun proses bisnis di PT. JPK. Selanjutnya melakukan review dokumen terkait proses bisnis di PT. JPK dan memetakan gap yang terjadi dengan assessment yang sudah dibuat. Pengumpulan data didapat melalui kuesioner dan wawancara kepada responden untuk mengetahui komitmen dari top management. Lalu melalukan gap analysis dan melakukan strategi pemenuhan gap. Hasil dari penelitian ini dari 83 pertanyaan kuesioner, hanya 51,81% yang comply dan sisanya 48,19% bisa comply dengan catatan. Mendapat dukungan dari top management untuk implementasi BCMS, PT. JPK siap melakukan perbaikan implementasi, dokumentasi maupun prosedur.

PRIVATE CLOUD STORAGE IN RURAL'S MANAGEMENT AND INFORMATION SYSTEM USING ROADMAP FOR CLOUD COMPUTING ADOPTION (ROCCA)

2020 ◽  
Vol 2 (2) ◽  
pp. 172-183
Author(s):  
Muhammad Agreindra Helmiawan ◽  
Irfan Fadil
Keyword(s):  
Cloud Computing ◽  
Information System ◽  
Information Security ◽  
Cloud Storage ◽  
Management Policy ◽  
Business Continuity ◽  
Private Cloud ◽  
File Management ◽  
Business Continuity Management ◽  
Cloud Computing Adoption

 The draft Management Policy and Rural Information system are all articles with several articles governing all information security. In concerning Business Continuity Management it is written "The information system and security work unit backs up data periodically, to safer backing up data using Cloud computing facilities." Cloud computing has advantages as file management. Private cloud storage is a form of cloud computing that is intended for limited use in certain circles and one of its functions is used for backing up data or file management. On the other hand, there is software that can be used to implement private cloud storage, namely Owncloud. To run the Rural Information Security Policy Draft article on Business Continuity Management and for the provision of data centers, a study was conducted to implement private cloud storage using Owncloud. The method used in this study is the Roadmap for Cloud computing Adoption (ROCCA) with five stages, namely the stages of analysis, design, adoption, migration, and management. The results of this research are private cloud storage using Owncloud as a medium for storing, securing, and sharing files that are flexible and highly scalable that can be accessed via the internet by users.

Sign in / Sign up

Export Citation Format

Share Document