NAME was Share One (https://www.shareone.com) [2] This delivery

 

 

 

 

 

 

 

 

NAME : RAJENDER AJMERA

STUDENT ID: 557301

COURSE NAME : BA 633 INFORMATION SYSTEMS
INFRASTRUCTURE

UNIVERSITY NAME : CAMPBELLSVILLE
UNIVERSITY

PROFESSOR NAME : FRED ROSE

 

 

 

 

 

 

 

 

 

 

With over 40 years of customer services, the CORE Credit Union has served the
state of Georgia. Its main offices are in Statesboro,
and their primary customers have to be educators like
school teachers and university faculty and staff, the local hospital
staff and several manufacturers in the area. The Credit Union competes with
several banks in the area like BB&t and Wells Fargo, but their ability to provide lower interest being a
non-profit organization allows them to provide better prices and products to
their customers. With the change its charter to become a community credit union
the number of customers increases exponentially with a total today of
10,000 members 1. This forced the credit union to create a
website to allow a customer that had
moved from the area to have access to their bank’s
account and funds from anywhere allowing
the customers to reach their account from the comfort of their home as long
they had a computer. The expansion of the IT infrastructure allows the Credit
Union customers to conduct transactions such as telephone banking, Internet
banking, online bill paying services, and mobile banking. Some of the services
were contracted out to third parties companies that offer their needed
commodities.  One of these companies was Share One (https://www.shareone.com)
2 This delivery
technology offers a resolution to the continual costs associated with hardware maintenance, upgrading and
replacing equipment, and licensing. It will save time and reduce costs
associated with disaster recovery/business continuity processes by providing
advanced technology connections. The hosted system provides improved
redundancy, eliminates unreliable backup
tapes and other replication challenges associated with establishing the core
and all ancillary systems after a disaster has been
declared. The hosted technology is aimed
at credit unions that would traditionally consider  an in-house method of implementing their core
system, allowing the credit union to manage their processing while removing
costly hardware expenses. By contracting Share One Inc. as their data
management servers, they save money on
having to create a second backup network. The
cost of maintenance and equipment would be staggering. By using a third party
company that already has the equipment the saving is passed to the stock
holders and the data will be safe in an off site location, in this case in two
different locations, the data replication services offered by Share One ensures
that copies of all transactions are stored in both locations.

The
Network for this credit union transfers not only all the data to the Share One
servers via a VPN connection but uses the same 100 Mbps Ethernet LAN but
connects all the voice network of the offices via a PBX on the premises of the
main office. Also, the facsimiles and the
phone lines are supported by the same
convergence network. Other opportunities that the credit union can take from
having a convergence network it the Video conference application, the customer
can not only apply for a loan only it could have
a video call with the loan officer in near real time via this convergence
network. Also, they have a texting feature that allows
the customers to receive their balance over SMS on their mobile phones. Having
a convergence network is very convenient but at the same with it have its challenges. The amount of bandwidth
required to send over video files and pictures is significant. Also having all these services over the same network makes it
easier for hackers to access all the different aspects of the network, voice,
data, telecommunication, PC, close circuit cameras by defeating only one
security measure. Where is the network was compartmentalized the hacker will
only get one part of the data, whatever is that he broke into and not the whole
network3.

The
Core Credit Union offers numerous services to their customers. Everything from
opening an account online, apply for a loan, remote deposit capture, check ordering, to their mobile
banking (https://www.corecu.org/promo/MobileApp.pdf).
With this mobile application, the
customer can view account balance, make transfers, locate branches and ATMs,
view transactions details, scheduled loan
payment and more. The mobile device has created a tremendous opportunity for
the bank and credit union industry, delivering the information in real time
without having to walk to your PC or the bank. The need to be able to make
payments to your creditors via the phone is a must in any banking institution.
At this time the Core Credit Union allows making
payments to your creditors and bills via ACH while using a computer but the
mobile application is not able to do this according to their website. The only payments you can do with the mobile
application at this time are with in the same institutions like a car loan or
personal loans. The need to add the capability to the application is imminent
but to do this, the credit union will need to do some changes to their network,
changes that are provided by third party companies and systems like the Secure
Elements from Thales. 4 The Secure Element (SE) approach to
contactless mobile payments is essentially putting a payment chip card inside a
mobile phone. The SE typically can take one of three form factors – embedded
(owned by the handset manufacturer), UICC (owned by the MNO) or MicroSD (owned
by the bank). Although the MicroSD option looks
like the best one from a bank’s point of view (due to ownership and control),
this option has gained very little market adoption due to a much higher cost. The
option with most industry collaborative activity currently is the UICC model
which has comprehensive Global Platform specification support and an associated
formal testing and certification infrastructure. The mobile device operating
system itself is not a trusted entity, but the way that SEs are implemented, any operating system
application running on the phone cannot access the SE and its contents; the SE is connected to the NFC controller by a special
secure channel called the single wire protocol (SWP). Providing the phone is
not rooted or jailbroken, there is no way for any application legitimately to
intercept the data to or from the SE. This
makes the SE behave just like a contactless chip card. The following figure
shows the infrastructure required for a bank to support SEs involves HSMs to
securely manage keys and payment credentials together with the interface to the
TSM.

Secure Element Infrastructure

CORE
credit union relies on multiple third-parties to deliver its products, one of
this third party company is Kerio (Kerio.com). Specifically Kerio Connect. 5
The Administration API for Kerio Connect allows administrators to facilitate their
daily work and automate many procedures. With the API, you can create powerful
scripts to assist with routine daily tasks. The credit union uses this system
to integrate and synchronize calendars, contacts,
and email between Kerio Connect and Microsoft Outlook and mobile devices.
Another third party company used by this institution is Share One which we spoke of earlier in this case study. Having third party companies managing your data and
security is convenient. Using these companies saves time and money to the
institution since it does not have to have a dedicated personnel for maintains
and management, in the other hand if the third party company is hacked your
information will be out in the open for all to see and you the credit union
might now even know it. A survey of 40
banks by the New York Department of Financial Services found that nearly one in
three don’t require third-party vendors to alert them about information
security breaches or other cyber security intrusions (USA Today). A bank’s cyber security is often only as
good as the cyber security of its vendors 6.

            Having all this automation at our fingertips, it makes it easier to conduct all the transactions paperless and via
the internet. This saves money to the
bank in postage stamps and paper, not counting the time that it takes to send
the documents via US Mail. Some bank offers
a reduced interest rate if you opt to autopay your load with an automatic transaction from your checking account. This saves money because again the bill does not
need to be produced and mail to the customer. Also,  Paperless banking allows your customers to
track finances and manage accounts online at any time. Online banking customers usually have a good firewall and software
to combat pop-ups, spy ware, and viruses.
Customers understand that to manage their financial life on the computer; they need to be diligent about making
sure protections are in place and updated regularly. Because of this as the
bank manager, I would offer free
antivirus protection to customers that opt to do their banking online, allowing them to secure their information and addition
the credit union will benefit from it because it will prevent any fraud attacks
protecting our assets.  Security
is something that can always be improved. Different third party companies offer
great products to financial institutions allowing them to secure their
information and assets.

 

 

 

 

References

1 CORE CU – Home. Retrieved August
29, 2017, from http://www.corecu.org/

2 Share One, Inc. (n.d.). Retrieved
August 29, 2017, from http://www.shareone.com/

3 What is network convergence? –
Definition from WhatIs.com. (n.d.). Retrieved August 29, 2017, from
http://searchconvergedinfrastructure.techtarget.com/definition/network-convergence

4 https://www.thalesesecurity.com/resources/research-reports-and-white-papers/creating-trust-infrastructure-support-mobile-payments

5 Kerio Technologies. (2017, July
12). Retrieved August 29, 2017, from
http://www.kerio.com/support/kerio-connect#thirdparty

6 McCoy, K. (2015, April 09). Banks
face new cyber security rules for vendors. Retrieved August 29, 2017, from
https://www.usatoday.com/story/money/2015/04/09/bank-cybersecurity-threats/25517905/