BankZero allows all its clients to open accounts, increase their limits, and conduct high mount transfers irrespective of bank balance. Furthermore, once users are logged in, they can perform all other transactions with no restrictions. Is this bank violating any of the pervasive security principles? Support your answer by discussing those principles that are not being adhered to
Yes the bank is violating some of the pervasive security principles which are;
(1)Confidentiality - these are measures which are designed to protect against unauthorized disclosure of information. The objective of the confidentiality principle is to ensure that private information remains private and that it can only be accessed by individuals who need that information in order to complete their job duties.
(2)Integrity - this involves protection from unauthorized modifications for example add, delete, or change of data. The principle of integrity is designed to ensure that data can be trusted to be accurate and that it has not been inappropriately modified.
(3)Availability - is protecting the functionality of support systems and ensuring data is fully available at the point in time (or period requirements) when it is needed by its users. The objective of availability is to ensure that data is available to be used when it is needed to make decisions.
Comments
Leave a comment