Read More>> 
What prompted the RBI Guidelines on Information Security?
The rapid and ever-increasing digitization of financial transactions and account operations in India has led the Reserve Bank of India to issue certain guidelines on Cybersecurity. These guidelines were issued due to some common errors found in the cybersecurity infrastructure of banking institutions. The most important issues banks faced were a lack of IT governing framework, absence of real-time end-user monitoring, inadequate authentication mechanisms, absence of privileged credentials management (no randomization and vaulting of passwords), absence of fine-grained control over privileged users (absence of principle of ‘least privilege’), and a lack of reporting on privileged activities.
What are the RBI Guidelines on Information Security?
The RBI mandates end-to-end protection of customer data, advanced real-time threat detection, user access control & management, vulnerability assessments and seamless monitoring of user activities, and extra focus on extended networks in a shared environment.
The Reserve Bank of India (RBI) Mandates and Compliance
In a much-interconnected system, mitigating risks emerging from technology adoption will be critical to preventing systemic risk. Indeed, in this digital era where banking organisations are increasingly exposed to IT threats and frauds, nothing is more challenging than maintaining strong information security and cyber security posture.
In the given context, the Reserve Bank of India (RBI) mandates a set of measures to be implemented by banking institutions. Among many baseline controls, the RBI lays special emphasis on user access control and management.
Read this report to learn more about how ARCON | Privileged Access Management helps to comply with the RBI mandates on user access control and management.
Download RBI Circular Document
RESOURCES
View All
Privileged Access Management
