/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsCan you throw some light on the security handbook released by Microsoft in
partnership with PricewaterhouseCoopers? What was the driver behind it?
This is a handbook for security professionals and auditors, aimed at
providing guidance to the auditors and the financial institutions when it comes
to assessing and evaluating security risks and the adequacy of the risk
management exercise being undertaken by the organization. We have customized the
banking security audit guidelines released by Reserve Bank of India to specific
technology platforms.
But, why the focus on the financial sector?
The banks and financial institutions have been the epitome of trust. One
reposes trust in them. And, when these organizations are using technology,
including IT, they need to ensure that whatever they are doing is secured and
trustful. There was feedback from our customers and partners that while they are
using a lot of IT systems, they dont know how to secure according to the best
manner and the best practices that are there.
/dq/media/post_attachments/08281f1bb4ca66ef997e71556c749330240e1092fee54e83c175bc188004c257.jpg)
So, is it relevant only for the banking and financial sector?
The fact is that the banking regulations by RBI mandate certain things. Then
there is the whole trust factor and high stakes involved. Besides, this sector
is usually ahead in terms of technology. Therefore, BFSI will be at the
forefront in terms of usage. But, while the security handbook is for the
financial sector, and the prompt for this came from the needs of the banking and
financial services industry, it can be equally relevant in the other industries
as well. Therefore, the handbook for the BFSI sector is not restricted. It can
be very well used in other organizations as well.
Which are the Microsoft products covered in the handbook?
The handbook includes all the key controls that should be reviewed during a
systems review for three key Microsoft Platforms: Windows Desktop Operating
Systems, Windows Server Operating Systems, and SQL Server Database incorporating
various versions. We see it as a step toward simplifying our technology and as a
value add for our customers. The feedback from the users has been very
encouraging.
Shipra Malhotra
shipram@cybermedia.co.in