A research on the establishment of an information security environment for the finance industry

Due to the development of information technology, relevant business information of enterprise and government authority is stored in the computer by means of digital method. In addition, it relies on computer and network to maintain it operation. Due to the characteristics of network, person with intention to commit crime can conduct criminal behavior by linking with the network at any time and at any place. If there is no appropriate control on the information asset, information can be easily altered or deleted and even important information may be disclosed thereby generating serious loss. As the business of the finance industry includes the personal and transaction information of customer, therefore the requirement on information security has to be more stringent than other industry. Moreover, for the consideration on information security, generally this is conducted based on the angle of technology, but other factors are ignored. In fact, information security has three aspects including technology, management and policy. This thesis will provide suggestion on the overall information security protection on the information environment of the finance industry. Furthermore, study is conducted on the information regulation/industry standard and flow planning that can be used to provide an overall information security solution plan that is safe and efficient.