商业银行信息系统的整体规划与安全保障.pptVIP

Complex System Solution Center Consulting I T Architect洪启煌 2003/4/9 银行业面对的挑战—————————————————————————— 理想的银行信息系统架构 理想的银行应用系统架构 Traditionally, we either develop applications inhouse or acquire a packaged solution…..------------------------------------------------------------------- The Problem: IT in Vertical Fragments Operating Environment Pain Points Insufficient Performance Hardware and systems are quickly outdated Difficult to manage systems to an end-to-end QOS Unable to adapt to change in demand Not able to dynamically adjust to fluctuations in load Can’t share capacity across applications Unable to adapt to changes in applications and infrastructure Each new component causes significant integration challenges Interfaces are not based on open standards Fragile Single points of failure are prevalent Failover and business continuity requires expensive, custom solutions Think Horizontal , Building an On Demand Operating Environment The On Demand Application Environment以客户为中心的新兴银行应用体系机构 On Demand Systems Architecture Autonomic Managers Technology Road Map to meet future requirement DCC 预期效益与挑战 DCC项目成功的关键因素 DCC亟需有效的、标准化的厂家支持模式 Information Security Management System Activities Information Security Policies Risk Assessment Workshop Platform Sepecific Standards/Essential Practices Departmental/Divisional Procedures Asset Ownership Classification Remote Intrusion Tests Network Architecture Review System Assessment Mitigation Site Security Review Alert Letters Continuous Monitoring Maintenance Why our Information System is so unsecure?---------------------------------------------------------------------------- “Information security is a chain, it is only as secure as the weakest link.”“Information security is a process, not a product.” --- By Bruce Schneir ISO 17799 Information Security Management System is the solution to these problems challenges--------------------------------------------------