A Study on Building a Security Zone of the Financial Industry Information Department – Take Bank T as A Example

• Main Authors: Sheng-Hsiung Tsen, 曾聖雄
• Other Authors: Horng-Twu Liaw
• Format: Others
• Language: zh-TW
• Published: 2012
• Online Access: http://ndltd.ncl.edu.tw/handle/45528011132609010011

碩士 === 世新大學 === 資訊傳播學研究所(含碩專班) === 100 === The rapid development of Internet and computer in recent years has brought the convenience to human life, and also has gradually increased the dependence on information technology. In the meantime, with the increase of information leakage and information security incident has affected not only the personal privacy and corporate image, but also the personal safety in serious situation. Therefore, the issue of data leakage protection has aroused special attention to the general public. The financial industry already has the basic protective measures for IT equipment, such as erecting firewalls, intrusion detection system and physical network cutting. However, during the program development and testing phase, customer data is often required for the simulation tests. The access to the confidential and sensitive data uses only the specific account owned by supervisors as the security control. As the entire process of usage is unable to be monitored after logging in, the whole process may cause many points that are not under controlled; therefore, there’s possibility to have the risk of leaking out the confidential and sensitive data. In this thesis, the hypothesis is that based on the new version of the Personal Data Protection Act requirements and the migration of Import Information Security Specification (ISO 27001) of the case bank to set up an information security zone to control the access behavior of the confidential and sensitive data in the operating environment in IT department as a response strategy to have an overall discussion. The research subjects are the programmer, system administrator, administrative staff and auditor in IT department in the financial industry.