Protecting Financial Assets

00:02

welcome back to assets security course, and in this lesson I'm going to talk about protecting financial assets. So I'm going to talk about what kinds of financial assets are there and about protecting access to them and why I am going to talk about just protecting access were for very simple reason.

00:21

If the financial assets is hard currency, for example, something kept in a safe in the company, it's absolutely not the subject off the security focus and this course so

00:32

hard currency people with physical security, people with guns and then the world doors and stuff like that. So they are in charge of that.

00:41

Then we have talking about money in the bank,

00:46

and when we talk money that is in the bank, it's usually in digital form,

00:50

not in something like this safe

00:53

and its access by computers. So it's all the ones and zeros, and the bank is in charge of that security. You just need to pick the right bank. You cannot protect your money in the bank,

01:06

you know, on their service, it's their business.

01:08

What you need to protect is your way to excess

01:12

these financial assets through some kind off application, So you usually have some kind of home line application for businesses, and this kind of application is secure and well written,

01:27

but it still can be penetrated. And to protect that application, you need to restrict access to it,

01:38

which means you have to take care that, uh, just very minimum number of people can actually have passwords toe enter that application,

01:49

then introducing multi level authentication to access. That application is highly recommended. For example, views of password plus some kind of card plus, for example, fingerprint. So all these three things

02:05

combined together

02:07

just if you have them all it one

02:09

place at one time

02:12

can grant you access to this application, and then you can do the payment orders or transaction orders whatever.

02:20

So

02:22

a multi level of ratification is the key of protecting e banking applications.

02:28

This can be done by just installing these on only several PCs and then forcing the multilevel authentication on that device. And banks usually do that today with combination off password and the smart card. So employees given their I d smartcard

02:46

and um,

02:47

they can take passwords. But smart card can be stolen,

02:52

so the other level off additional security could be iris recognition software or face recognition software,

03:00

but these they tend to make mistakes. The thing that is relatively proven is ah to have the fingerprint of defecation. Today's

03:13

most of today's fingerprint readers are hard locked, which means they are keeping the fingerprint information of the person using it inside the device.

03:22

They're not transferred somewhere to the network, so they're not subject to some kind of hacking, and basically that's it. So if nobody can log on a PC where the application's installed, then they can not misuse. The transact will then cannot give the false transaction

03:39

orders and transfer money from your bank account somewhere where they can

03:44

further use it.

03:49

So this was a short video, and you indeed you have learned what kind of facets exist in a company and which are there to protect. And basically they're not subject off mighty security protection. The only thing that I see security has to worry about is to protect access

04:06

to the ways in which you issue the

04:10

the order to your bank, to do the transfer of money. So if it's done by be banking applications and kind of softer you have tow, Additionally, protect the access to that softer.

04:25

And if it's done in the traditional way, using paper based the documents, then it's not subject of vital securities falls,