NAME: MUTHUA BRIAN GITUANJAI.D NO: 632543CLASS: FIC 4010ASSIGNMENT: TERMINAL DOCUMENTREADER: PROF. MUSUVASEMESTER: SPRING 2014DATE: April 5, 2014ContentsThe importance of InfoSec program: 2Advantages of information security: 2Disadvantages of information security: 3Why should banks invest InfoSec budget? 3POLICY 3Purpose 4Responsibilities 4Ensuring the security of customer information: 4Assessing Digitals' Bank's risk in relation to customer and bank information, the bank: 4Record keeping and reporting in the bank: 5Employee training and education 5Policy review 5Policy sharing with employees 5PEOPLE 5TECHNOLOGY 6Safety Overview 6Value of Intrusion Detection 7Conclusion 7INTRODUCTIONAccording to the business dictionary, "a bank is an institution authorized by a government to accept deposits, pay interest, clear checks, make loans, act as an intermediary in financial transactions, and provide other financial services to its customers." ' Banks tend to exchange very important information across networks and with each other. I was recently contacted by the Digital Bank of Kenya to design and improve their current information security program. As we have worked together, it is important that the organization understands all the fundamental aspects of information security and why it is important to invest in information security programs. Information security, also sometimes known as InfoSec, is the process or practice of protecting information from unauthorized access, use, alteration/modification, unwanted disclosure, inspection and/or deletion. Two main aspects of InfoSec: IT (Information Technology) Security - Also referred to as InfoSec like information security, information security is InfoSec applied to technology. It's very important... half of the paper... for the firewall. Some surveys show that up to 80% of all firewalls are configured incorrectly. This could mean that the access control policy is not implemented correctly. IDSs can be configured to detect and respond to this situation. Conclusion Information is at the heart of many businesses in this modern era and the all-pervasive impact of information security in the collection, transmission and processing of huge volumes of information is very important. In this scenario, the need to ensure that information is kept confidential in accordance with accepted privacy norms and to make it available to authorized users at the appropriate time assumes great significance. This is especially true for the banking sector where daily operations are centered on information and information processing, which in turn are highly dependent on technology.