Modelling the Provision of Information Security of the Object of the Credit and financial Sphere

Abstract

The subject of our study was the analysis of information security of the object of a particular credit and financial sphere, issuing microloans. The authors built a plan-scheme of a typical object of the credit and fnancial sector. We also described the organizational structure and staff structure of the microloans organization. Further, we conducted an analysis of the organization’s staff, their activities, and areas in which they have the right to access. On the basis of the obtained data, we constructed a model of threats to information security of the microloans organization. The authors determined the correspondence of the types of threats to the types of violators of information security. We have built a three-dimensional model of information security, which allows us to calculate the vulnerability factor of the object of credit and fnancial sector, based on the data obtained in the company issuing micro-loans, as well as available statistics. The main parameters that determine the security indicators are identifed: the number and characteristics of destabilizing factors that can manifest themselves and have a negative impact on the protected information; the number and characteristics of the methods used to protect information; the number and categories of persons who can potentially be violators of information security rules; types of protected information. By calculating the security coeffcient of the object, it is possible to create an effective system of its information security and to optimize the choice of a set of technical means and methods of protection of information. It can signifcantly reduce the damage arising from the threats to information security. The method of mathematical modelling developed by the authors allows estimating the current level of information security in any organization of the fnancial sphere.