Determinants of Data Security in Management Information Systems of Commercial Banks in Nairobi, Kenya
Loading...
Date
2013-08-27
Authors
Kweri, James Murage
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
In Kenya, rarely are cases concerning data security breaches on commercial banks reported
or documented. This does not however mean that there are no such cases or that the
information systems used by the commercial banks are completely secure. In as much as due
diljgeoce~d gross assessment of usage, vulnerability, security and recovery of the systems
adopted ~y these banks is done before their adoption, it is worth to note that the human brain
has remained superior to computers, implying therefore that the information stored within
these information systems is not fool proof and that there do exist risks of manipulation of
their data by rogue and systematic users. Further, limited study has been carried out to
determine factors that influence data security in the Information systems used by the banks.
Occurrence of a breach in data security is unpredictable and as such, informed defence
against their occurrence is critical. It is against this backdrop that this study seeks to establish
the factors that influence data security in commercial banks. The objective of the study was
to determine the factors that influence data security in the management information systems
used by commercial banks in Nairobi, Kenya. The study will adopt a cross-sectional survey
in which different banks will be studied. Primary data was collected using a questionnaire
while an extensive literature review has been done using various secondary sources. The
target population was the information security staff working in the headquarters of
commercial banks located in Nairobi. A census for all the banks in Nairobi was carried out
and the study targeted two respondents per bank, at two strata; one senior IT manager and a
general IT technician. Questionnaires were distributed at all the bank's headquarters and
collected after a period of seven days. Introduction correspondence were done through email
to all the bank's human resource department which were requested to allocate two random
respondents. The data collected was thereafter coded andentered into SPSS and analysed
using descriptive statistics and Pearson correlation. Out of 86 questionnaires distributed 66
were successfully completed and refilmed by respondents from 34 commercial banks, giving
questionnaire response rate of 76.721-~: The results indicates thattype of data increases
chances of breach attempts. The amount of data is strongly positively correlated with data
integrity and network security. The study also established that customers have contributed to
cases of fraud due to poor handling of their data. Majority of respondents indicated that their
organization have experienced frauds through use of hostile technology e.g. ATM skimming.
From the research findings, it can be concluded that type and size of data, user knowledge
and hostile technology does influence data integrity and network security. The research
therefore concludes that both sufficient financial and human resources should be deployed by
the commercial banks to deal with data security. This study identifies key factors in banks
data that might compromise data security with a view to educating the stewards of banks
influencing their direction of designing systems to guarantee banks data integrity and
network security. The research recommends that for the integrity of the data and network
security the top management should support effective training,skill up-grading and awareness
mechanisms to bank employees that would respond and continuously adapt to emerging
technological challenges in the bank's MIS infrastructure.