CYS403 Risk mitigation and guidelines for banking systems

 

You can add/edit risks and change management

Risk Risk Level

(Low/Medium/High)

Management

(accept/transfer/avoid/mitigate)

Residual Risk
Malware Low Accept Risk.  
Phishing Medium Taking mitigation efforts.  
Identity theft Medium Taking mitigation efforts.  
Ransomware Medium Taking mitigation efforts.  
    Taking mitigation efforts.  
    Transfer Risk (Seeking help from External Entities).  
    Transfer Risk (Seeking help from External Entities).  

 

 

 

 

  1. SECURITY POLICIES AND GUIDELINES

Analyze the security policies and guidelines given by the chosen company for the customer to ensure they are obeying to the security standards.

 

EXAMPLE:

Write it according to bank systems, Use it as a template

Information technology approaches are essential checking frameworks that better control the weakness of data security. Being drawn closer by organizations . An organization data security frameworks and practices ought to be as per the organization data security method. Certified risk to information affirmation introduced by the affiliation. Thusly, PayPal wants their clients to keep 12 rule practices to guarantee that they will be far away from any security chances.

The 12 practices:

1- Authentication.

2- Anti-phishing.

3- Keep vigilance.

4- Process of Site Security.

5- Allow the protocol to choose the newest version.

6- enabling perfect forward secrecy.

7- Eliminate the VeriSign G2 Root Certificate.

8- XSS/CSRF

9- Addition of specific information or features upon request to aid in the detection of fraud.

10- Upgrading to SHA-256 and SSL certificates.

11- Using TLS version 1.2 or higher.

12- Do not hard-code specific ciphers.

PayPal security is subject to extensive security controls by all partners including the end clients, online retail sites, engineers and PayPal itself.

 

 

 

The security guidelines given by PayPal to the customers

 

  1. Use of WebView in Mobile Applications – PayPal advises users not to display the PayPal webpage via the WebView mechanism. PayPal recommends using authorized browser views, such as Chrome on Android, and Safari View Controller on Apple iOS.

 

  1. Use perfect forward Secrecy – Perfect Forward Secrecy (PFS) is recommended by PayPal for customer integration. Even if the current secret key is compromised, the PFS ensures the confidentiality of future communications.

 

  1. Disable SSL – For HTTPS web servers, PayPal recommends TLS version 1.2 or higher.

 

  1. Strong Authentication – Strong authentication requirements are recommended by PayPal. The following are the requirements:
  1. secret password that is at least six characters long and contains at least one number and one alpha character. It is also required that the is not a common word and that it is not older than ID.

 

  1. PayPal also required a secure channel, such as HTTPS, when delivering the secret phrase over the network upon login to prevent network sniffers from catching it in clear text.

 

 

 

  1. It also implies that the password should not be stored in clear text on the server.

 

d.To avoid being hijacked by anyone listening on the network, the browser session cookies must be delivered through a secure channel.

 

  1. If a meeting is inactive for more than 15 minutes, PayPal needs the customer to re-login in order to complete any trade.
  2. A brute force attack on client accounts that tries common passwords against a user ID. PayPal advises locking login attempts after a certain number of failed attempts.

 

  1. PayPal advises customers to be wary of phishing scams. Phishing attacks include sending communications to customers posing as PayPal and linking to malicious sites that look like PayPal. Client certifications are captured at the destinations, together with financial and personal information.

 

  1. According to PayPal, cross-page prearranging (CSS) attacks should be checked in client web apps. In addition, the sites should not be vulnerable to cross-site request forgery (CSRF) attacks.

PROPOSED ENHANCED SECURITY APPROACHES

Paypal is the world’s most secure payment method. Paypal takes security seriously, fusing a secured path to mitigate threats. Furthermore, hackers and their methods are evolving these days, and PayPal is a prime target for attackers and phishing because it is well-known, and they must invest in security to protect their system from these attacks.

  • Defend yourself against DoS and DDoS assaults (Availability Improvement)
  • Authentication using two or more factors (Confidentiality Improvement)
  • Protection against Man-in-the-Middle attacks (Integrity Improvement): Mechanisms can be used to prevent data from being intercepted while in transit.
  • Hackers utilize epay shoppers’ data as a third party to gain sensitive data in their paypal accounts, therefore never compromise paypal accounts with ebay purchasers.
  • Encourage hackers to find weaknesses. For example, PayPal rewards hackers who discover flaws in the company’s systems.
  • Use three-factor authentication (3FA), which offers a versatile and secure user authentication option.
  • They must utilize their fingerprint or facial recognition in addition to the password and OTP necessary for login.
  • They should not provide personal information about their customers to outside parties.
  • Because transferring data to third parties exposes client data in an insecure manner and increases risks, it is not recommended..
  • To assist combat fraud and email phishing, PayPal should monitor every transaction 24 hours a day, seven days a week.
  • PayPal should not solicit users for personal information in emails.

 

 

 

Get 20% Discount on This Paper
Pages (550 words)
Approximate price: -

Try it now!

Get 20% Discount on This Paper

We'll send you the first draft for approval by at
Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

Assignment Help has assembled a team of highly skilled writers with diverse experience in the online writing circles. Our aim is to become a one stop shop for all your Academic/ online writing. Check out below our amazing service!

Essays

Essay Writing Services

At Assignment Help, we prioritize on all aspects that creates a good grade such as impeccable grammar, proper structure, zero-plagiarism, and conformance to guidelines. The principal purpose of essay writing is to present the author's evaluation concerning a singular subject about which they have made. Since Professionalism is the mother of every success, try our team of experienced writers in helping you complete your essays and other assignments.

Admissions

Admission Papers

You have been trying to join that prestigious institution you long yearned for, but the hurdle of an admission essay has become a stumbling block. We have your back, with our proven team that has gained invaluable experience over time, your chance of joining that institution is now! Just let us work on that essay.How do you write an admission essay? How do you begin the essay? For answers, try Quality Custom Writers Now!

Editing

Editing and Proofreading

Regardless of whether you're pleased with your composing abilities, it's never an impractical notion to have a second eye go through your work. The best editing services leaves no mistake untouched. We recognize the stuff needed to polish up a writing; as a component of our editing and proofreading, we'll change and refine your write up to guarantee it's amazing, and blunder free. Our group of expert editors will examine your work, giving an impeccable touch of English while ensuring your punctuation and sentence structures are top-notch.

Coursework

Technical papers

We pride ourselves in having a team of clinical writers. The stringent and rigorous vetting process ensures that only the best persons for job. We hire qualified PhD and MA writers only. We equally offer our team of writers bonuses and incentives to motivate their working spirit in terms of delivering original, unique, and informative content. They are our resources drawn from diverse fields. Therefore your technical paper is in the right hands. Every paper is assessed and only the writers with the technical know-how in that field get to work on it.

Coursework

College Essay Writing

If all along you have been looking for a trustworthy college essay service provider that provides superb academic papers at reasonable prices, then be glad that you search has ended with us. We are your best choice! Get high-quality college essay writing from our magnificent team of knowledgeable and dedicated writers right now!

Coursework

Quality Assignment/Homework Help

We give the students premium quality assignments, without alarming them with plagiarism and referencing issues. We ensure that the assignments stick to the rules given by the tutors. We are specific about the deadlines you give us. We assure you that you will get your papers well in advance, knowing that you will review and return it if there are any changes, which should be incorporated.