# Enhancing Security Infrastructure at SA Union Bank: Strategies & Solutions

# **Authors**

- Sherine Paul Raj (UID: 119362921)
- Anmol Chaudhary (UID: 119399743)


# **Table of Contents**

1. Introduction
2. Current Network Architecture
3. Current State Analysis
4. Proposed Solution
5. Compliance
6. Alternatives
7. Cost Analysis
8. Summary
9. References


# **1. Introduction**

SA Bank, a medium-sized financial institution, serves around 100k customers and employs 150 staff members. The bank's current security infrastructure is outdated, leading to vulnerabilities. Incidents over the past year include website hacks, ransomware attacks, and service disruptions due to SQL injections and DDoS attacks. This report proposes a redesigned security architecture to address these issues within a $500k budget.


# **2. Current Network Architecture**

The existing setup includes:
- **External Web Portal**: Provides online banking services.
- **Load Balancer**: Distributes incoming traffic efficiently.
- **Web Servers**: Hosts web applications.
- **Host Firewall**: Controls traffic between external and internal networks.
- **Internal Systems**: Linux and Windows systems for operational roles.
- **Main Database Server**: Stores critical customer and transaction data.
- **External Devices**: Used by customers and remote employees.


# **3. Current State Analysis**
## Current Assets

The infrastructure consists of:
- Internet-facing applications, network infrastructure, hosts, and servers.
- Data assets including customer information, transaction data, and financial records.


## Current Threat Landscape

- Frequent cyberattacks on the online banking platform.
- Malware and ransomware compromising Windows and Linux systems.
- Vulnerabilities from outdated software and insecure coding practices.
- Challenges due to the shift to remote work.


# **4. Proposed Solution**

The proposed architecture focuses on the following enhancements:
1. **Monitoring and Response**: Implement a SIEM that centralizes logs from the web tier, firewalls and endpoints for real-time threat detection.
2. **Next-Generation Firewalls (NGFWs)**: Advanced filtering and blocking features.
3. **VPN Tunnels**: Encrypted communication for remote users.
4. **Multi-Factor Authentication (MFA)**: Extra protection for access control.
5. **Network Segmentation**: Separate subnets to limit lateral movement.
6. **Endpoint Detection & Response (EDR)**: Real-time endpoint monitoring.
7. **Web & Application Security**: Regular updates and patch management.
8. **Data Backup & Disaster Recovery**: Incremental backups for minimal data loss.
9. **Compliance Standards**: Adherence to regulations like PCI-DSS, SOX, GLBA.
10. **Cybersecurity Training**: Regular awareness programs for staff.
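To make the "Monitoring and Response" item concrete, the following is an added example written for this report; it is not code from the report's authors or from any SIEM product. It applies two SIEM-style detection rules to web-server access logs of the kind a bank's web tier would forward to a SIEM: a content rule that flags request paths carrying common SQL-injection fragments (the page's SQL-injection incidents), and a rate rule that flags an IP sending an unusual burst of requests (the page's DDoS incidents). The log format, the IP addresses, the pattern list and the burst threshold are all assumptions constructed for the demonstration and would be tuned to the bank's real traffic.

```python
"""Added example: a minimal SIEM-style correlation pass over web access logs.
Written for this report as an illustration; not vendor or project code.
The log lines, IP addresses, patterns and thresholds are constructed."""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import unquote_plus

# Combined-log-style line: client IP, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Decoded request paths containing these fragments are flagged as SQL-injection
# attempts (illustrative list; a production rule set would be larger and tuned).
SQLI_PATTERNS = [
    re.compile(p, re.IGNORECASE)
    for p in (
        r"'\s*or\s+'?\d+'?\s*=\s*'?\d+",   # ' OR '1'='1
        r"union\s+select",                 # UNION SELECT ...
        r";\s*drop\s+table",               # stacked DROP TABLE
        r"sleep\s*\(",                     # time-based probing
    )
]

# Rate rule (assumed threshold): more than BURST_LIMIT requests from one IP
# inside a sliding BURST_WINDOW is reported once as a "burst" alert.
BURST_LIMIT = 5
BURST_WINDOW = timedelta(seconds=10)


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], TS_FMT)
    # Decode %27, %3D, '+' etc. so encoded payloads are matched in clear text.
    ev["path"] = unquote_plus(ev["path"])
    return ev


def is_sqli(path):
    """True if the decoded path contains any of the SQL-injection fragments."""
    return any(p.search(path) for p in SQLI_PATTERNS)


def analyse(lines):
    """Return a list of (alert_type, ip, detail) tuples for the given log lines."""
    alerts = []
    recent = defaultdict(list)   # ip -> request timestamps inside the window
    burst_reported = set()       # IPs already reported, to avoid alert floods
    for raw in lines:
        ev = parse_line(raw)
        if ev is None:
            continue             # unparseable line: skipped, not trusted
        ip, ts = ev["ip"], ev["ts"]
        if is_sqli(ev["path"]):
            alerts.append(("sqli", ip, ev["path"]))
        # Keep only timestamps within the window ending at this request.
        recent[ip] = [t for t in recent[ip] + [ts] if ts - t <= BURST_WINDOW]
        if len(recent[ip]) > BURST_LIMIT and ip not in burst_reported:
            burst_reported.add(ip)
            alerts.append(
                ("burst", ip, f"{len(recent[ip])} requests in {BURST_WINDOW.seconds}s")
            )
    return alerts


# Constructed sample log: one benign login, two injection-style requests from
# two different IPs, and a seven-request burst from a third IP.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /login?user=alice HTTP/1.1" 200',
    '203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] '
    '"GET /account?id=1%27+OR+%271%27%3D%271 HTTP/1.1" 500',
    '198.51.100.9 - - [10/Oct/2023:13:56:01 +0000] '
    '"GET /search?q=rates+UNION+SELECT+1,2 HTTP/1.1" 200',
] + [
    f'192.0.2.50 - - [10/Oct/2023:13:57:{s:02d} +0000] "GET / HTTP/1.1" 200'
    for s in range(7)
]

if __name__ == "__main__":
    for kind, ip, detail in analyse(SAMPLE_LOG):
        print(f"[{kind}] {ip}: {detail}")
```

Running it prints two `sqli` alerts (one per offending IP) followed by one `burst` alert for `192.0.2.50`, raised on its sixth request within the 10-second window. The design point worth noting is the order of operations: decoding the path before pattern matching, so that URL-encoded payloads are not missed, and suppressing repeated burst alerts for the same source so that a volumetric attack does not also flood the analysts' queue.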


# **5. Compliance**

Compliance with industry standards is essential for trust and stability:
- **PCI-DSS**: Safeguards credit card information.
- **SOX**: Requires accurate financial reporting and controls over the systems that produce it.
- **GLBA**: Protects customers' personal financial and transactional data.


# **6. Alternatives**

- **Web Application Firewall (WAF)**: Prevents web-based attacks.
- **Data Loss Prevention (DLP)**: Monitors and prevents unauthorized data transfers.
- **Regular Vulnerability Assessments & Penetration Testing**: Identifies security weaknesses.
- **Security Operations Center (SOC)**: Centralized monitoring of security incidents.


# **7. Cost Analysis**

Budget allocation:
- **SIEM & EDR Solutions**: $170k
- **Security Personnel**: $160k
- **Next-Generation Firewalls**: $50k
- **VPN Implementation**: $20k
- **Compliance Standards**: $25k
- **Multi-Factor Authentication (MFA)**: $15k
- **Data Backup Solutions**: $12k
- **Miscellaneous Costs**: $16k


# **8. Summary**

SA Bank's existing architecture lacks modern security measures, leading to frequent breaches. The proposed solutions focus on advanced security technologies and adherence to compliance standards to enhance overall security and maintain customer trust. A balanced cost analysis ensures efficient investment in critical areas without overspending.


# **9. References**

1. Facilities Management Advisor. "8-Step Risk Assessment for Your Facility's Security."
2. ManageEngine. "Threat Detection and Prevention with Log Management."
3. Splunk. "SIEM: Security Information and Event Management."
4. CrowdStrike. "Endpoint Detection and Response (EDR)."
5. CompTIA. "Security Awareness Training and Network Segmentation."
6. NetApp. "What is Backup & Recovery?"

