Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Core Banking Applications

from [Barrie Dempster] Network Security [Permanent Link]
Subject: RE: Core Banking Applications
Date: Mon, 26 Sep 2005 22:21:13 +0100 
On Thu, 2005-09-22 at 12:59 -0400, Beauford, Jason wrote:

The very first thing that popped into my head is "I don't know anything
about banking systems."  Then I wondered how many people DO know about
the kinds of systems working within a bank environment and how they
interact.  I answered "Probably not too many."


So who runs these systems then, if hardly anyone knows about them ?

Bank systems don't differ from any other companies systems, apart from a
few select specialist apps (often in-house), but almost every company
type has specialist apps like this. The difference with banking systems
is that they are *generally* more competently put together, although not
always. There are no "boxed bank" applications - their systems are
generally built on existing solutions with in house modifications or
designed by their internal team just like any other company. For example
Internet banking systems exist where the front end is IIS, the app is
coded in ASP and the backend database server is a SQL server. There are
no secrets here. There are some process that people outside of the
banking industry may not understand at a technical level, but do at a
procedural level such as the BACS system in the UK. However this isn't
secret information and the procedures for it are publicly available, the
technical details come with spending some time working for a bank. Banks
rely heavily on contractors in order to get projects through, usually a
security check and credit check are required - just like many other
companies, then you can quite happily work on a contract with a bank as
a client.

It's a kin to saying that you don't know anything about call centres
because you've never seen a web based calling application. If you
understand web technology and can understand how a business process
translates to an IT system, the particular business type is unimportant.
Although most of these companies like to hire people that have worked in
similar places as it lessens their burden of explaining the business
processes. The important point is that the technology doesn't change,
it's just used to support a different business process.

There are many large banks and therefore many skilled IT guys working
within these banks, in some countries (like mine - Scotland) the IT job
market is dominated by the banks.

-- 
With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

"He who hingeth aboot, geteth hee-haw" Victor - Still Game

blog:  http://reboot-robot.net
sites: http://www.bsrf.org.uk - http://www.security-forums.com
ca:    https://www.cacert.org/index.php?id=3

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Software Firewalls, Ansgar -59cobalt- Wiechers
Next by Date:  Re: Anonymize internet access, Saqib Ali
Previous by Thread:  RE: Core Banking Applications, Beauford, Jason
Next by Thread:  RE: Core Banking Applications, Beauford, Jason
Indexes:  [Date] [Thread] [Top] [All Lists]