Deputy Minister of Information and Communications Pham Hong Hai (3rd from left) visited CMC Telecom's Data Center (Photo:CMC) |
Data Center a secure solution for businesses to deal with increasing network attacks.
The official website of Vietnam Airlines being hacked in 2016 caused many customers to block their online payment accounts while attacks on bank accounts are a constant security concern in the banking and electronic payments sector.
Security concerns
Security firm Kaspersky has warned that hacker groups specializing in targeted attacks have successfully attacked banks and financial institutions in Asia-Pacific, including Vietnam. They target ATM infrastructure, SWIFT servers, or databases with debit and credit card transactions, causing infinite losses.
The Department of Information Security at the Ministry of Information and Communications has this year founded many offensive campaigns targeted to applications on the Android platform, especially online banking applications. Security experts and many organizations have detected a lot of dangerous variants of malicious code on the Android platform: Faketoken, Svpeng, BankBot, and AceCard, which pose a grave threat to online banking users.
“Cyber attacks aimed at electronic payments have created heavy losses in recent years,” said Mr. Nguyen Thanh Hung, Deputy Minister of Information and Communications. “This is truly a danger to the stable development of the electronic payments market in particular and the banking sector in general.”
For his part, Mr. Ha The Phuong, Deputy CEO of CMC InfoSec, has warned banks, financial institutions, and payment agencies in Vietnam of the need to have card security certificates of international standard. “This is a mandatory information security standard for businesses that store payment cards managed by five international payment organizations: Visa, MasterCard, American Express, Discover, and JCB,” he said.
“Data Center” - A protective wall
PCI DSS is known as a tool to protect banks, electronic payment systems, and e-commerce from the risk of attack. It is designed to help card issuers protect their data against unauthorized access and will help businesses restrict vulnerabilities and the risk of information theft and enhance the protection of data stored on the card.
PCI DSS has become a mandatory requirement for banks and other card issuers. Every year, banks and card issuers will be required to secure new PCI DSS certification.
CMC Telecom has officially launched its third Data Center, of Tier 3, ISO 9001:2015; and ISO 27000:2003 standard, located at CMC Tower, 7 km from Hanoi on an area of 1,000 sq m. This is the first and only Data Center in Vietnam adopting the PCI DSS security standard.
PCI DSS requires organizations meet 12 security requirements and must be evaluated annually by Qualified Security Assessor, the only organization granting PCI DSS. In order to secure certification, CMC Telecom had to meet many security requirements in its infrastructure (network, storage, control systems), demonstrate at least two customers performing security services each year, have human resources for security certifications, and purchase insurance for clients.
Using a PCI DSS-compliant Data Center is a preventative measure to avoid network security risks and represents an effective investment.
According to the US’s Ponemon Institute, organizations applying PCI DSS have reduced the number of data-stealing attempts. Approximately 64 per cent of businesses that apply the standard said they have not suffered an attack to payment card data within the last two years. Meanwhile, only 38 per cent of enterprises not applying the PCI DSS standard said likewise.
by Tue Lam / VET