Home Tech Don’t play with customer data

Don’t play with customer data

2
0

Data is an extremely valuable economic resource, many businesses and fields depend on it. In the banking sector (NH), customer data is many times more important, because it is not only basic personal information, but also the status of customers’ assets, balances, and cash flows. . Security so that customer data is not exposed (breach) is one of the top concerns of these financial institutions, so banks have to invest a lot of effort and money.

A wake-up call about SMALL governance Recently, on social networks in Vietnam, a computer screen shot of a famous artist’s NH account statement related to the incident has attracted a lot of public opinion. Although NH has admitted that its employees spread the word, this is a wake-up call for those working in the banking sector, as well as the leaders of these organizations. In the era of information technology, customer data security can be said to be the most important for banks. Previously, the prestige of the banks was in the solidity of the safes, which were dug deep in the tunnels, through many layers of thick steel doors, resistant to fire and explosion and even earthquakes. Today it is the NH’s security system. Because most assets and liabilities are stored in the form of numbers, lines of data. The disclosure of customer data is often considered an accident of the security system, due to unintentional human error, or due to an external attack. But security risks do not only come from information technology systems. There are three places where security risks arise, that is from a governance perspective in relation to processes, monitoring, information systems, and operations. The above incident shows an error in the operation of the staff, related to the management of the bank. Normally, when signing a work contract, in the contract terms, of course, there must be things that employees must not do, not to mention the business ethics of the industry. And so this is not entirely the fault of the staff, NH is also responsible for regular training, as well as supervision. The consequences of customer data being disclosed are serious on several levels. For example, the bank must be responsible for the damages incurred because the customer account is attacked individually, or the entire information system of the bank is the prey of hackers. Equally important damage is the reputation of NH. As a customer, no one wants to send money or do business with NH but “house” is loose. The more important partners are not. NH is also confused Customer data in banks is the survival of banks. Security is the new generation of “safes”, and the prestige lies in the system, as well as the consciousness and skills of the key holders. In the matter of customer data, banks also have a big confusion between needing a lot of customer data (KYC), security and customer privacy (privacy). Banks themselves also need a lot of KYC, not only to manage risks, but also to develop services to provide to customers, especially cross-selling and value-added services. State regulatory agencies also require banks to perform KYC, mainly for the purpose of anti-money laundering and illegal activities. But when customer data increases, integration from many sources, many systems with heterogeneous standards or formats, is a huge challenge for NH’s information system. Because the more sources, the more “entrances” there are more exposed points, many places can be hacked. The collection of customer data is also met with a certain reaction from them because of privacy. In many developed countries, such as Europe with the General Data Protection Regulation 2016/679 aka GDPR, there is a huge shift from service providers in general and the sector. NH in particular. There are data, currently NH wants to collect the consent of customers. In short, customer data in banks is the survival of banks. The security is a new generation “safe” form, and the prestige lies in the system, as well as the consciousness and skills of the key holders. Domestic banks need to pay attention In terms of customer data security risks, domestic banks compete with each other in technology and there is almost no big difference between banks in the same group, for example, large banks have enough resources to Get the best system. Even later banks have an advantage because technology costs decrease over time. The problem for data security, therefore, mainly lies in the management system of the bank, as well as in the daily operation. In administration, besides processes and monitoring systems, leaders’ awareness of security issues is extremely important. Not only investing properly for the information technology system, leaders must always closely monitor this issue, considering this as their important task. Therefore, there is a need for consistent direction and coordination between the banks’ departments, considering this as the core activity of the bank. In the course of daily operations, it is the awareness and skills of the employees. Periodic and continuous training is absolutely necessary for all employees, especially functions and positions of authority. If the employee is aware of the seriousness of the disclosure of the customer’s account, no employee would dare to act so impulsively, not to mention, besides internal handling, it may also be involved in legal regulations .