3rd International conference titled “Innovations Aimed at Results: Expanding Business Frontiers” organized by the company R-Style Softlab took place on April 18-22, 2008 in Jordan. InfoWatch was a partner of the event.
Participants of the conference from more than 70 Russian and CIS bank officials included representatives of Avtovazbank, Alfa-Bank, Agroinvestbank (Dushanbe), Baltinvestbank, BMV-Bank, VTB, Gazprombank, Inkredbank, Lipetskkombank, Metkombank, Moskovskiy Neftekhimicheskiy Bank, Natsionalnyi Standard, Petrokommerce, Trust Bank, Uralsib, Probiznesbank, Rosprombank, Fia-Bank, Khamkorbank (Andijan), Home Credit Bank, Chelindbank and many more.
The conference agenda covered such topical questions of modern financial market as influence of IT development on investment attractiveness, support of geographically-distributed business, prompt launches of typical sales branches, IT-outsourcing, consulting and ASP-services, budgeting and support of managerial decisions, integration technologies and information security. Discussions and interchange of experience which began in the course of working panels continued during a roundtable.
InfoWatch and RosEvroBank presented at the conference their joint report titled “Information Security of Modern Banks.” The speakers were Rustem Khayretdinov, Deputy Director General of InfoWatch and Yuri Lysenko, Head of Information Security Department of RosEvroBank.
The central topic of the speech was requirements of Russian and foreign standards for financial institutions (Standard of Central bank of Russian Federation, PCI DSS, Basel II, SOX). As is known, these requirements put information protection tasks of banks to priority. Today customers’ attention is drawn not only to technical features of specific products, but also to deployment of such products, concurrent changes in company’s business process, legal support of the use of some types of products and other organizational and technical details of projects.
The authors of the report offered the audience a method of segmentation of technical solutions depending on a type of a wrongdoer (a top-manager, a common user, an ABS-operator, a system administrator) and a technical structure of the information under protection (databases, workflow systems, mailing systems, files at local and mobile workstations). By the example of implementation of particular projects with Russian banks the audience learned how to evaluate information security and substantiate budget for information security.
Finally, listeners’ big interest was drawn by particular examples on how to avoid legal conflicts between workers’ constitutional rights for personal privacy and communications privacy on one hand, and international standards requirements and Russian regulations from the other hand.