Summarizing how information security - Essay Example

Information Security System of Citibank With Respect To CIA Triangle CIA Principle The CIA triad namely Confidentiality, Integrity and Availability can be considered as one of the simple and widely applicable security models for an organization which assures to protect all kinds of information from external threats. These three major principles are supposed to be relevant with the entire security analysis of an organization (Imperial College London, 2012). Confidentiality: Confidentiality can be acknowledged as the ability to maintain secrecy of information from unauthorized external users.

It is possibly the major apparent aspect of the CIA triangle in terms of security assurance for an organization. However, this principle is frequently attacked by the external users through Cryptography and Encryption techniques in order to transfer files or information from one system to another (Imperial College London, 2012). In the context of Citibank, it has been found that the organization seeks to implement a well-built security system in order to protect the information related to financial aspects and other banking transactions of its 200 million customers (Citigroup Inc., 2012). Integrity: According to the CIA principle, the aspect of integrity can be stated as the ability to make sure of keeping or storing data or information in an appropriate and unaffected way.

It has been learnt that Citibank manages the personal data, records as well as information of each client in an appropriate manner and with the assistance of Citi Records Management Policy as well as Citi Data Management Policy. Furthermore, the organization implements advanced security processing system of each data, record or information that are collected from individual clients in terms of appropriate and secured storage capacity (Citigroup Inc., 2012). Availability: This principle of the CIA triad relates to the accessibility of transaction records or information by an appropriate and authorized user at the right time.

However, various security issues with respect to accessing transactional record and information of a client by other external or unauthorized persons have been recorded. The organization is known to adopt an advanced form of process to identify the appropriate and authorized persons (Citigroup Inc., 2012). Security Policies in Citibank Citibank ensures an effective and efficient form of security policy regarding maintaining and protecting data, information or record of its individual client. In the context of information security, it can be stated that the organization strictly maintains laws and regulations in order to increase the level of protecting information from external threats.

Citibank significantly pursues a formal set of rules and regulations pertaining to The Gramm-Leach-Bliley Act (GLBA) which is also known as ‘Financial Services Modernization Act of 1999.’ According to this Act, the financial service providers need to possess appropriate information security systems in order to maintain and protect the personal form of information of each client. Moreover, the regulatory Act also focuses on maintaining an effective and appropriate CIA principle with respect to the various transactions made by any financial institution