The daily activities performed by Rural Banks has resulted the amount of data increasing exponentially, which can transform the banking as an institution. Processing dependable data such as government salaries, individual transactions, etc can help determine certain trends, that can be used to validate and analysis the quality of banks data. Nevertheless, system administrators of the banks can use data as a means of monitoring users of the application and advice management accordingly. As Rural Banks are gradually expanding and adopting to modern ways of banking such as short message service (SMS) banking, electronic transfers, branches data consolidation and merging with different API software applications, needed attention and careful monitoring is required by the banks administrators to make sure data organization data does not leak to wrong person or the data are not been tempered with. If hackers or someone with bad intention gets access to a database, it becomes dangerous and breaches organizations secrecy which can tarnish the organization image.
Data security is a means of ensuring that database of any institution or organization does not get into wrong hands. The data must be protected in such a way that internal staff with criminally minded cannot get access to the database. Hackers always try their best to get access to a database by trying to break through an organizations network firewalls or gaining physical access to the data. Database can be corrupted by viruses, database crash etc, which administrators have to guard against. The objective of ensuring database safety in the banking sector is to safeguard the continuous use of database and networks that are important to the organization, to prevent the unauthorized use of data, the unintentional or deliberate destruction or distortion of data, and to minimize damage caused. In addition to protecting organizational database, preparations should be made to deal with threats that might result in the deferment of uses and to recover from such situations.
To be able to protect an organization database, the data security policy must be adhered to and security training must be organized periodically to the banks administrators.
In most institutions the performance of individual employees is a major factor determinant of organizational success. How well an employee can perform will depend on the type of training given.
The reason behind employee training cannot be Over-emphasized, some of which are, which training is the process from which employees acquire the capabilities to perform their jobs and is an essential part of any successful business or institution. In addition employees will not reach their full potential and higher levels of productivity will not be achieved unless employees are adequately trained. A poorly trained work force will eventually led to poor performance and result in costly mistakes. Also trained employees can help institutions to compete.
The results of my findings with regard to database security suggest that there is a still pothole that needs to be filled by giving adequate training to employees.
Rural banks can eradicate the danger of database threats by making a policy that members of board of directors get involved in the organization’s information security policy risk management team. The world has now become global village and as network and banking application increases, it becomes necessary to protect and maintain organization data as while as organizations computers and network configurations. An outsider or intruder cannot attack a company database without using internet. Thus, internet plays a very important role as far as external data hacking is concerned. Identification, authentication and authorization, and (CCTV) cameras are all security measures that should be in place as far as database security is concerned. Network administrators should make sure not all users on the network get full access to the internet. To be able to achieve the above stated measures, staff training must be emphasized thoroughly. The efficiency of an organizational performance and adherence of protocols and procedures depends on training.
The under listed measures must to be considered in planning a protected network.
Physical Installation Attack: Physical installation attacks are attacks that can be seen but might not be prevented due to factors such as robbery, physical attack and many more.
Access Attack: This attack can be classified as either an outsider or insider. When an insider or outsider attempts to access the organization network unlawfully with intent to copy some file steal data from the system. It can be categorized into PASSWORD ATTACKS (Hackers try their maximum best to guess passwords) and TRUST EXPLOITATION (This type of attack usually happens at an organization where the staff believe and trust themselves)
Worm, Virus and Trojan horse Attacks: these types of attack are common in organizations where users are allowed to plug-in removable devices such as pen drives, external hard drives, compact disk and etc. To be able to prevent this attack, antivirus software must be installed on all the computers and the managers of the institution should make sure the antivirus signature is updated and running.
Confidentiality: Information in the network remains private.
Authentication: Ensure the users of the network are who they say they are.