Insider Threat and Mitigation for Cloud Architecture Infrastructure in Banking and Financial Services Industry

摘要

Cloud architecture infrastructure for Banking and Financial Services Corporations operates on access control mechanism and trust over various cloud user. Having established the on demand service delivery model to operate, maintain, control and govern the cloud architecture, Banking and Financial Services Corporations deliver round the clock services to customers. Despite stringent security controls and minimum access level, the cloud users identify and exploit the cloud vulnerabilities. This leads to data leakages and loss of critical information. Depending upon the area of business and sophistication with which vulnerabilities have been exploited, frauds are committed and system are damaged by employees and third party contractors. The reason for such exploitation ranges from disgruntlement to personal issues of employees and third party contractors. In this paper, we have identified the various types of insiders, their motives, risk associated with information systems and methods of mitigation in Banking and Financial Services Corporations.