Higher Nationals

Internal verification of assessment decisions – BTEC (RQF)

INTERNAL VERIFICATION – ASSESSMENT DECISIONS
Programme title BTEC Higher National Diploma in Computing

Assessor Internal Verifier

Unit 13: Computing Research Project
Unit(s)
Final Research
Assignment title
Student’s name
List which assessment Pass Merit Distinction
criteria the Assessor has
awarded.
INTERNAL VERIFIER CHECKLIST
Do the assessment criteria awarded match
those shown in the assignment brief? Y/N

Is the Pass/Merit/Distinction grade awarded

justified by the assessor’s comments on the Y/N
student work?
Has the work been assessed
Y/N
accurately?
Is the feedback to the student:
Give details:

• Constructive?
Y/N
• Linked to relevant assessment
criteria? Y/N

• Identifying opportunities for

improved performance?
Y/N

• Agreeing actions? Y/N

Does the assessment decision need

Y/N
amending?
Assessor signature Date

Internal Verifier signature Date

Programme Leader signature (if
Date
required)
 Confirm action completed
Remedial action taken

Give details:

Assessor signature Date

Internal Verifier
Date
signature
Programme Leader
Date
signature (if required)
Higher Nationals - Summative Assignment Feedback Form

Student Name/ID

Unit Title Computing Research Project

Assignment Number Assessor
Date Received 1st
Submission Date
submission
Date Received 2nd
Re-submission Date
submission
Assessor Feedback:

LO2 Conduct and analyse research relevant to a chosen computing research project

Pass, Merit & Distinction P3 P4 M2 D1

Descripts

LO3 Communicate the outcomes of a research project to identified stakeholders

Pass, Merit & Distinction P5 M3 D2

Descripts

LO4 Reflect on the application of research methodologies and concepts

Pass, Merit & Distinction P6 P7 M4 D3

Descripts

Grade: Assessor Signature: Date:

Resubmission Feedback:

Grade: Assessor Signature: Date:

Internal Verifier’s Comments:

Signature & Date:

* Please note that grade decisions are provisional. They are only confirmed once internal and external moderation has taken place and grades decisions have
been agreed at the assessment board.
Assignment Feedback
Formative Feedback: Assessor to Student

Action Plan

Summative feedback

Feedback: Student to Assessor

Assessor signature Date

Student signature Date

Pearson
Higher Nationals in
Computing
Unit 13: Computing Research Project
Assignment 01
General Guidelines

1. A Cover page or title page – You should always attach a title page to your assignment. Use previous page as
your cover sheet and be sure to fill the details correctly.
2. This entire brief should be attached in first before you start answering.
3. All the assignments should prepare using word processing software.
4. All the assignments should print in A4 sized paper, and make sure to only use one side printing.
5. Allow 1” margin on each side of the paper. But on the left side you will need to leave room for binging.

Word Processing Rules

1. Use a font type that will make easy for your examiner to read. The font size should be 12 point, and should
be in the style of Time New Roman.
2. Use 1.5 line word-processing. Left justify all paragraphs.
3. Ensure that all headings are consistent in terms of size and font style.
4. Use footer function on the word processor to insert Your Name, Subject, Assignment No, and Page
Number on each page. This is useful if individual sheets become detached for any reason.
5. Use word processing application spell check and grammar check function to help edit your assignment.

Important Points:

1. Check carefully the hand in date and the instructions given with the assignment. Late submissions will not be
accepted.
2. Ensure that you give yourself enough time to complete the assignment by the due date.
3. Don’t leave things such as printing to the last minute – excuses of this nature will not be accepted for failure
to hand in the work on time.
4. You must take responsibility for managing your own time effectively.
5. If you are unable to hand in your assignment on time and have valid reasons such as illness, you may apply
(in writing) for an extension.
6. Failure to achieve at least a PASS grade will result in a REFERRAL grade being given.
7. Non-submission of work without valid reasons will lead to an automatic REFERRAL. You will then be asked to
complete an alternative assignment.
8. Take great care that if you use other people’s work or ideas in your assignment, you properly reference
them, using the HARVARD referencing system, in you text and any bibliography, otherwise you may be guilty
of plagiarism.
9. If you are caught plagiarising you could have your grade reduced to A REFERRAL or at worst you could be
excluded from the course.
Student Declaration

I hereby, declare that I know what plagiarism entails, namely to use another’s work and to present it as my own
without attributing the sources in the correct way. I further understand what it means to copy another’s work.

1. I know that plagiarism is a punishable offence because it constitutes theft.

2. I understand the plagiarism and copying policy of the Edexcel UK.
3. I know what the consequences will be if I plagiaries or copy another’s work in any of the assignments for this
program.
4. I declare therefore that all work presented by me for every aspects of my program, will be my own, and
where I have made use of another’s work, I will attribute the source in the correct way.
5. I acknowledge that the attachment of this document signed or not, constitutes a binding agreement
between myself and Edexcel UK.
6. I understand that my assignment will not be considered as submitted if this document is not attached to the
attached.

Student’s Signature: Date:

(Provide E-mail ID) (Provide Submission Date)
Assignment Brief
Student Name /ID Number

Unit Number and Title Unit 13 – Computing Research Project

Academic Year 2020/2021

Unit Tutor

Assignment Title Final Research Project Report

Issue Date

Submission Date

IV Name & Date

Submission Format:

 The submission is in the form of an individual written report.

 This should be written in a concise, formal business style using single spacing and font size 12.
 You are required to make use of headings, paragraphs and subsections as appropriate, and all work must
be supported with research
 referenced using the Harvard referencing system.
 Please provide a referencing list using the Harvard referencing system.
 The recommended word limit is minimum 4,500 words

Unit Learning Outcomes:

LO2. Conduct and analyse research relevant to a chosen computing research project
LO3. Communicate the outcomes of a research project to identified stakeholders
LO4. Reflect on the application of research methodologies and concepts

Assignment Brief and Guidance:

Student is now required to provide a comprehensive research project report based on the findings of primary and
secondary research carried out on the project proposal submitted in the previous section on the selected topic.

The Learner requires to produce a detailed research project report covering following areas:

 Conduct primary and secondary research using appropriate methods for a computing research project
that includes costs, access, and ethical issues.
 Carry out your research and apply appropriate analytical tools/methods to analyse research findings and
data.
 Draw conclusion based on the research findings gained from your primary and secondary research.
 Communicate the outcomes of your research project to the appropriate identified audience.
 Reflect on the success of your research project and your performance at the end of the project with the
inclusion of a project evaluation and recommendations (Consider alternative research methodologies and
lessons learnt in view of the outcomes).
Grading Rubric
Grading Criteria Achieved Feedback

LO2 Conduct and analyse research relevant for a

business
research project

P3 Conduct primary and secondary research using

appropriate methods for a computing research project that
consider costs, access and ethical issues
P4 Apply appropriate analytical tools to analyse research
findings and data.
M2 Discuss merits, limitations and pitfalls of approaches to
data collection and analysis.

D1 Critically evaluate research methodologies and

processes in application to a computing research
project to justify
chosen research methods and analysis.

LO3 Communicate the outcomes of a research

project to
identified stakeholders

P5 Communicate research outcomes in an appropriate

manner for the intended audience.
M3 Coherently and logically communicate outcomes to the
intended audience, demonstrating how outcomes meet set
research objectives.
D2 Communicate critical analysis of the outcomes and make
valid, justified recommendations.
LO4 Reflect on the application of research
methodologies and concepts

P6 Reflect on the effectiveness of research methods applied

for meeting objectives of the computing research project.
P7 Consider alternative research methodologies and lessons
learnt in view of the outcomes.
M4 Provide critical reflection and insight that results in
recommended actions for improvements and future research
considerations.
D3 Demonstrate reflection and engagement in the resource
process leading to recommended actions for future
improvement.
 <Title of the research.>

By
<Name>
<Pearson ID>

Submitted in accordance with the requirements for the

COMPUTING RESEARCH PROJECT MODULE OF PEARSON’S HND IN
< YOUR STREAM> PROGRAMME
at the
ESOFT METRO CAMPUS

Name of research Tutor: <Tutor’s Name>

<Date>
 i

DECLARATION

Name of Research Candidate:

Pearson Registration Number:
Programme Name:
Research Title:
Field of Study:
I do solemnly and sincerely declare that:
i. I’m the sole author of this study
ii. This work is original
iii. In case of any use if any information from other sources references of copyright with its
ownership have been acknowledged in this document
iv. I do not have any actual knowledge nor do I ought reasonably to know that the making of
the work constitutes an infringement of any copyright work
v. I know that plagiarism is a punishable offence because it constitutes theft, I understand
the plagiarism and copying policy of the Edexcel UK, I know what the consequences will
be if I plagiaries or copy another’s work in this research for this program.

Candidate Signature: Date:

Subscribed and solemnly declared before,

Supervisor’s Name:

Designation:

Supervisor’s Signature: Date:

 ii

ACKNOWLEDGMENT
 iii

ABSTRACT
 iv

CONTENTS
DECLARATION........................................................................................................................................i
ACKNOWLEDGMENT...........................................................................................................................ii
ABSTRACT..............................................................................................................................................iii
CONTENTS..............................................................................................................................................iv
LIST OF ABBREVIATIONS..................................................................................................................vi
A LIST OF TABLES...............................................................................................................................vii
LIST OF FIGURES................................................................................................................................viii
CHAPTER 1 – INTRODUCTION...........................................................................................................1
1.1. Introduction...............................................................................................................................1
1.2. Purpose of research...................................................................................................................1
1.3. Significance of the Research.....................................................................................................1
1.4. Research objectives....................................................................................................................1
1.5. Research Sub objectives............................................................................................................1
1.6. Research questions.....................................................................................................................1
1.7. Hypothesis..................................................................................................................................1
1.8. Thesis structure..........................................................................................................................1
CHAPTER 1 - Introduction.....................................................................................................1
CHAPTER 2 - Literature Review............................................................................................1
CHAPTER 3 - Methodology...................................................................................................1
CHAPTER 4 - Presentation of Results....................................................................................1
CHAPTER 5 - Conclusions and Recommendations................................................................1
CHAPTER 2 - LITERATURE REVIEW................................................................................................2
2.1. Literature Review......................................................................................................................2
2.2. Conceptual framework..............................................................................................................2
CHAPTER 3 - METHODOLOGY..........................................................................................................3
3.1. Research philosophy..................................................................................................................3
3.2. Research approach....................................................................................................................3
3.3. Research strategy.......................................................................................................................3
3.4. Research Choice.........................................................................................................................3
3.5. Time frame.................................................................................................................................3
3.6. Data collection procedures........................................................................................................3
3.6.1. Type of Data...............................................................................................................................3
3.6.2. Data Collection Method.............................................................................................................3
3.6.3. Data Collection and Analyze Tools...........................................................................................3
3.6.4. Questionnaire structure............................................................................................................3
 v

3.6.5. Data Storage...............................................................................................................................3

3.7. Target population and sampling...............................................................................................3
3.8. The selection of participants.....................................................................................................4
3.9. Reliability, Validity, and Generalizability...............................................................................4
3.10. Ethical issues of the research study..........................................................................................4
CHAPTER 4 - PRESENTATION OF RESULTS...................................................................................5
4.1. Demographic Analysis...............................................................................................................5
4.2. Correlation Analysis..................................................................................................................5
4.2.1. RO2...........................................................................................................................5
4.3. Regression Analysis...................................................................................................................5
4.3.1. RO1...........................................................................................................................5
4.3.2. RO2...........................................................................................................................5
CHAPTER 5 - CONCLUSIONS AND RECOMMENDATIONS..........................................................6
5.1. Conclusion..................................................................................................................................6
5.1.1. RO1...........................................................................................................................6
5.1.2. RO2...........................................................................................................................6
5.2. Recommendations......................................................................................................................6
5.2.1. RO1...........................................................................................................................6
5.3. Limitations.................................................................................................................................6
5.4. Future Improvements................................................................................................................6
5.5. Personnel Reflection..................................................................................................................6
5.5.1. Benefits for the researcher......................................................................................6
5.5.2. Benefits for the Industry/organization..................................................................6
Referencing................................................................................................................................................7
Annexures..................................................................................................................................................8
Annexures A: Glossary of Terms............................................................................................................8
Annexures B: Sample Charts/ Table........................................................................................................9
Annexures C: Questionnaire..................................................................................................................10
Annexures D: Feedback Form / Question list........................................................................................11
Annexures E: Sample Feedback sheets..................................................................................................12
 vi

LIST OF ABBREVIATIONS
 vii

A LIST OF TABLES
 viii

LIST OF FIGURES
 1

Chapter 01 – Introduction
1.1 – Introduction to the company

The company that I have selected for the research purpose is Commercial Bank of Sri Lanka. In
Sri Lanka, the commercial bank is a public limited bank. It is a sector of finance. In 1920
the Commercial bank was established, marking a century and a half. K. G. D. D. Dheerasinghe
is the commercial bank's chairman. Commercial Bank's headquarters are located at No 21 Sir
Razik Fareed Mawatha, Colombo 1, and Sri Lanka. Anyone can evaluate all services and goods
at any commercial bank office. Commercial banks have 287 branches and 968 ATM locations
around the nation. Sri Lanka, Bangladesh, the Maldives, Myanmar, and Italy are among the
countries that commercial banks service. Commercial banks in Sri Lanka have created
inexorable trends, conventions, and an identity in the banking industry. While offering a range
of goods and services, they have managed to preserve our cultural character, giving us a status
as a 10 leader. With the help of cutting-edge technology and a staff of highly motivated,
dynamic, and professionals, they have risen to the top of the private banking field in Sri Lanka.
Commercial bank's 100-year track record has shown growth and success

Figure 01
 2

History of the Commercial Bank

1920 Eastern Bank has opened a branch in Chatham Street, Colombo A decade later, in 1969, the
Commercial Bank of Ceylon was established in Ceylon After regaining independence in 1948
The share capital of Eastern Bank Ltd was taken over by Chartered Bank Offshore banking was
established in a liberalized economy in 1978. After the adoption of the second constitution. The
commercial bank has opened its first foreign currency banking unit to further develop its
offshore banking. Despite the social unrest in 1980, the bank moved its base operations to 21
Commercial House, Bristol Street, Colombo The bank made history in 1999 when it opened the
first Mini-Com at Cargill’s Food City on Staple Street Commercial Bank has become the only
Sri Lankan bank to be included in the 'Top 1000 Banks in the World' by Banker Magazine - UK
Commercial Bank is the largest ATM operator in Sri Lanka with ATMs all over the country The
bank's mobile ATMs are a common sight at festivals and other important events By setting the
benchmark for the banking sector in Sri Lanka, the commercial banking sector has set standards,
created an identity and set an unparalleled trend They are recognized as trendsetters and have
maintained their cultural identity through a variety of products and services using state of art
technology and led by team of highly motivated and dynamic people, they have become the
leader in private banking in Sri lanka. Commercial Bank of Sri Lanka has a long and illustrious
history dating back to pre-independence. Com bank was established in the 1920s during the
British colonial period when trade, commerce and business flourished However, when the
Commercial Bank of Ceylon became an independent organization in 1969, it began an unbroken
and distinguished legacy of service excellence that continues to this day Commercial Bank of
Ceylon continues to respond, write new chapters to ensure a secure financial future in Sri Lanka,
growing and serving the best.

(Commercial, 2022)
 3

Vision of Commercial Bank

To be the most technologically advanced, innovative and customer friendly financial services
organisation in Sri Lanka, poised for further expansion in South Asia.
(Commercial bank)

To treat our employees, customers, shareholders and our communities with an attitude of
service and appreciation. We will do this by:

 Working as a team to help our fellow employees succeed and create a culture that thrives
on change, including remote working, managing workplace safety in a continuing
health/safety COVID-19 environment.
 Enriching the communities we serve by maintaining a close relationship with our
residents and businesses; providing them with stability, banking services and a
commitment to their success including enhancing our remote access channels to
consistently provide the most up to date products and services for our customers
 Growing our bank profitably to return dividends to our shareholders and stock
appreciation;
 Volunteering in our communities as bank ambassadors to show that local really does
matter.
(Commercial bank)

Mission of commercial bank

Providing reliable, innovative, customer friendly financial services, utilizing cutting edge
technology and focusing continuously on productivity improvement whilst developing our staff
and acquiring necessary expertise to expand locally and regionally.

There is currently no remote working available at Commercial Bank neither home-based work
update.
 4

1.2 – Introduction to the research area

The research area is based on the security issues of remote working.

Any defect, errors, weaknesses or vulnerabilities present or suspected in any listing a product
that the affected supplier believes in good faith has caused, permitted or reasonably expected to
be accessed illegally information or data that must be protected under applicable law The
program's requirements are called a security hole.

Remote work has become very popular and a common practice around the world, especially
now that companies are laying off a significant portion of their workforce keep your distance
However, while this practice increases flexibility, it also improves it productivity and improve
work-life balance, there is a lack of remote control occupational safety risks?

Working remotely is convenient, but remote employees may unintentionally put your
company’s data and networks at risk. Unsecured Wi-Fi connections, unattended computers, and
data breaches are just some of the potential negative impacts a company may experience. Add
in a remote employee with low technical skills, and it’s a combination that can leave your
company vulnerable to cyber-attacks.

Remote working is convenient and has many benefits, but it also exposes both employees and
companies to a range of cyber security risks and vulnerabilities. In today’s online-first world,
its essential companies give serious consideration to remote cyber security for their remote
employees.
 5

Below are some examples of security issues by work from home.

 Accessing sensitive data through unsafe Wi-Fi Networks

Employees can connect to their home wireless network or access their company accounts over
unsecured public Wi-Fi This way, nearby malicious actors can easily spy on your connection
and collect sensitive information For example, data sent in clear text in unencrypted form can
be intercepted and stolen by cybercriminals Because of this, employees cannot access unknown
Wi-Fi networks unless they use a VPN connection

 Using weak passwords

Even if an organization uses VPNs, firewalls, and other cyber-security solutions in order to
keep safe your remote network, human error happens when employees attempt to protect their
accounts with weak passwords. Hackers use a variety of measures to crack passwords. For
instance, they will put together lists of frequently used passwords that can be used to easily
access poorly protected accounts.

 Unencrypted file sharing

While organizations may consider encrypting information stored on their network, they may
not consider encrypting data as it is sent from one location to another Company employees
share so much private information every day, from customer account information to files and
more. That the company cannot afford not to protect this information from being hijacked by a
cyber-criminal. If confidential business information is intercepted, it can lead to identity fraud,
ransom ware attacks, theft, and more
 6

 Phishing emails

Most malware and other hacks are delivered via phishing emails. Mail attacks and they work.
Phishing attacks often rely on true stories to exploit people's fears and emotions into opening
malicious attachments or clicking on links to fraudulent websites. Scammers are for trick
people into providing credentials or download malicious software that allows criminals to
access your computer. These emails have become so complex that it is increasingly difficult for
employees to detect them, especially if they pass through corporate email filters in your inbox.
(Soare, 2021)
 7

Below are certain companies that faced security issues by work from home
 Microsoft
Microsoft, a large multinational provider of information technology, provides perks like flexible
work schedules, paid time off (PTO), social groups, wellness reimbursement, matching
donations, training opportunities, and financial aid for college.
Many remote opportunities, including onboarding managers, program managers, software
engineers, and security sales specialists, are frequently open at the organization.
In a recent study conducted by Microsoft on the effects of remote work settings, respondents
listed phishing attacks, the security of end user devices, and employee training as three of their
top concerns.
Due to unreliable private Internet connections, distant workers occasionally used their mobile
devices. A Microsoft poll of IT decision-makers typically cited "'network and connectivity' and
'enabling devices for remote use' as major tech issues" that arose with the work-from-home
response.
 VMware
For businesses in numerous industries, this IT company offers solutions for app modernization,
cloud computing, networking and security, and digital workspaces. Access to Stanford Federal
Credit Union, an online marketplace of perks and discounts, backup daycare, and a program that
aids parents of disabled children are just a few of VMware's perks.
According to research, cyber-attacks have increased in recent months, and many securities
experts attribute this to more employee involved at work from home because of the COVID-19
pandemic.
The primary causes of breaches, according to the specialists polled, were third-party apps,
ransom ware, out-of-date security systems, and process gaps.
 Dell tech
Providing wider access to technology and hiring people with an interest in the digital world, Dell
is a multinational corporation. Through its Progress Made Real effort, Dell offers career
development programs, strongly encourages a work-life balance, and has a positive social
impact.
The firmware that a PC's microprocessor uses to start the computer system after you switch it on
is called BIOS (basic input/output system). Additionally, it controls the flow of information
between the operating system of the computer and any attached hardware, including the hard
drive, video adapter, keyboard, mouse, and printer.
 8

The BIOS can be used as a gateway that can be opened by hackers in the field of illegal
technology to access data on a PC. As a result, Dell Technologies has developed a new degree of
protection to keep the BIOS door always locked in light of the overnight transition to a remote
workforce for many workers.
Dell Technologies has created Dell Safe BIOS Events & Indicators of Attack to identify threats
in order to defend against BIOS attacks.
 9

1.3 Research Problem

Recently many or few complaints were reported on security breaches. So the reason for doing
this research is to identify those security issues and may be come up with respective solutions of
avoiding or minimizing them.

Below are certain security issues which were reported recently.

 Personal details of employees being in danger
Most businesses maintain sensitive personal data that can be used to identify customers or
employees in their files, including names, Social Security numbers, credit card information, and
other account information.
In order to fulfill orders, make payroll, or carry out other essential business tasks, this
information is frequently required. Sensitive information, however, can cause fraud, identity
theft, and other problems if it ends up in the wrong hands. Protecting personal information is
simply smart business practice, especially when considering the costs of a security breach, which
include losing clients' trust and maybe having to defend self in court.
 Company details can be viewed by competitors
Even competitors may release specific data so that those in the market can assess the overall
health of a sector. Without these exchanges, crucial investment choices would be made in the
dark by firms, investors, and the government.
Despite this, businesses must exercise extreme caution when disclosing information because
doing so could violate the law on competition and expose individuals to hefty fines or even
criminal penalties.
 Many personal devices are being linked to the main system
Companies used to frequently provide their staff electronics in the past. It would have been
insane to ask an employee to bring a desktop computer to work, much less a desk phone, before
laptops and other portable devices were commonplace. But because of how portable today's
technologies are, the majority of employees will probably bring at least a phone to work, even
if it isn't necessary for doing their jobs.
This raises a crucial issue of the distinction between work-related gadgets and personal devices.
Employees who carry personal devices into the office, such as a mobile phone or tablet, pose a
moderate security risk. The risk rises considerably, though, if such personal devices are used to
access corporate networks or files. 82 percent of businesses permitted employees to use
personal devices for work in 2018, up from 74 percent in 2014, according to recent data. In
 10

light of this, businesses would be good to define BYOD rules and, to the greatest extent
practicable, enforce the distinction between personal usage and work devices.
There are certain disadvantages of many personal devices being linked to the main system. The
disadvantages include problems with security, appropriate control usage, risks to productivity
and performance, and issues with data retrieval. It becomes much more crucial to safeguard a
company network from viruses and other incursions whenever employees connect their own
devices to it.
 Security issues involved in online transactions
Perhaps the most critical model in terms of security is the transaction model used by business
apps on the Internet. Data security is now a crucial concern because so much commercial
information is made available and transmitted online.
However, at this point, special attention should be paid to the particular security issues related
to the execution of payments through the Internet. In light of press reports of significant
security breaches to Internet servers, the security concerns for businesses pursuing electronic
commerce are giving rise to grave anxiety.
(Samiksha, 2021)
 11

1.4 Significance of the research

1. Why the research of security issues of remote working is important to Commercial Bank

If there is a remote working facility at Commercial bank, this research will provide solutions
and explore problematic issues generated by remote working at Commercial Bank.

Privacy violation can be identified as security issue of remote working. User privacy may be
compromised through improper management of private data, such as social security numbers or
user passwords, which is frequently unlawful. Private user data entering the software is a breach
of privacy. The information is written to a remote destination, like the network, file system, or
terminal.

Transaction violation also can be identified as a security of remote working. The most sensitive
model in terms of security is the transaction model used by business apps on the Internet. Data
security is now a crucial concern because so much commercial information is made available
and transmitted online.

Even 3rd party access can also be identified as a security issue of remote working. Data breaches
may result from remote access from third parties. Recent reports demonstrate that outdated
security measures like firewalls, virtual private networks (VPNs), and network access controls
(NACs) are insufficient to prevent threat actors trying to access the network through weak third-
party remote access.

We can learn more about remote working security difficulties by conducting this research. We
can also investigate their sources, handle them, and develop remedies to prevent them.
 12

2. Why the research of security issues of remote working is important to Sri Lanka

According to Google scholar there is no research conducted in Sri Lanka regarding security
issues of remote working.

3. Why security issues of remote working are important to the world research domain

The research listed below was discovered on Google Scholar.

Remote working during the COVID-19 pandemic has had, and continues to have, a great impact
on the workforce. Through interviews with senior cyber security professionals, this research
explored how the traditional dynamics between employees and leadership have adapted in such
times, responding to a rapidly evolving cyber threat landscape, as well as an unpredictable period
for organizations and employees in terms of wellbeing and remote working culture. Focusing on
the transition to remote working, cyber security, the psychological contract (relationship between
employees and employers) and employee wellbeing.

Organizations have taken different approaches to security risk management. While some
employers relaxed corporate device policy and displayed increased trust in employees to ‘get the
job done’, other employers increased restrictions, occasionally to the perceived detriment of
productivity and collaboration.

Remote working has increased worry associated with insider threats. Through shadow IT
practices, inadequate remote working security controls or mitigations, and decreased visibility of
remote working environments, participants suggested that there are more opportunities for
employees to, deliberately or unwittingly, to expose organizations to risk.

(Geoogia Crossland, June)

 13

1.5 Research Objectives

Security issues of remote working at Commercial Bank.

Personal details
Transactions Security issues of remote working
Using personal devices
Using public and personal Wi-Fi

 Research objective 01
To identify whether personal data theft is a security issue caused by remote working at
Commercial bank.
 Research objective 02
To observe whether transaction theft is a security issue caused by remote working at Commercial
bank.
 Research objective 03
To study whether using personal devices is a security issue caused by remote working at
Commercial bank.
 Research objective 04
To identify whether using public and private Wi-Fi is a security issue caused by remote working
at Commercial bank.
 14

1.6 Research questions

 Research question 01
Is personal data theft a security issue caused by remote working at Commercial Bank?
 Research question 02
Is transaction data theft a security issue caused by remote working at Commercial Bank?
 Research question 03
Is using personal devices a security issue caused by remote working at Commercial Bank?
 Research question 04
Is using public and private Wi-Fi a security issue caused by remote working at Commercial
Bank?
 15

1.7 Conceptual Framework

From conceptual framework we show what the variables that we use for the model are.
According to this research the conceptual framework is shown below.
Security issues caused by remote working at commercial bank.

Independent Dependent
Personal data theft
Using public and personal Wi-Fi Security issues of remote
Transaction theft working
Using personal devices
 16

1.8 – Research Hypothesis

Security issues caused by remote working at commercial bank.

 Hypothesis for accessing personal information variable

H0: Accessing personal information is not a security issue of remote working at Commercial
bank.
H1: Accessing personal information is a security issue of remote working at Commercial bank.

 Hypothesis for using public and private Wi-Fi variable

H0: Using public and private Wi-Fi is not a security issue of remote working at Commercial
bank.
H1: Using public and private Wi-Fi is a security issue of remote working at Commercial bank.

 Hypothesis for transaction theft variable

H0: Transaction theft is not a security issue of remote working at Commercial bank.
H1: Transaction theft is a security issue of remote working at Commercial bank.

 Hypothesis for using personal device variable

H0: Using personal device is not a security issue of remote working at Commercial bank.
H1: Using personal device is a security issue of remote working at Commercial bank.
 17

Chapter 02 – Literature Review

Security issues of remote working at commercial bank

Independent variables Dependent variable

Personal data theft

Using public/personal Wi-Fi Security issues of

Transaction theft remote working

Using personal devices

2.1 – Literature review for personal data theft

 Online personal theft – an Indian perspective

According to Emerald Insight, practically all firms are online connected, and the term "net
banking" has gained popularity. In developing economies like India, the idea of identity theft,
which was previously more widely known in the West, is becoming increasingly prevalent. This
paper's goal is to evaluate the current phishing attack landscape in India and to offer some
remedies that online businesses can use to combat this form of assault.

To determine the extent of the issue, a few statistics about phishing assaults across the globe are
contrasted with those for India. A few international banks' security policies are examined and
contrasted with those of their Indian counterparts. Finally, some recommendations on how to
handle the matter are given.

Identity theft has increased over the past few years, and it could become a significant issue in the
future, losing customers' trust in online banking. Most Indian banks are taking action to solve the
issue, however small and rural banks still need more work done.

Since identity theft is not just an individual's problem but also the duty of the financial institution
in question, precautions must be made to safeguard the identities and data of their online banking
customers. This essay tries to evaluate the current situation. There have been efforts made to
develop security measures that can be used by many businesses to strengthen security and
safeguard their customers' identities when using online banking.

(Geetha, 2021)
 18

 BBVA – Personal data theft

According to BBVA most of the cyber-attacks are related to personal data theft. We can be
mistaken in believing that no one cares about personal data. We frequently let our guard down
and fail to take the proper precautions to protect our personal details because of this
misconception.

Most of the time, information is taken with the intention of selling it on the black market, where
it is purchased by businesses with a bad reputation and used for advertising or commercial
research. However, personal data theft can also harm a person significantly in other situations.

The personal information could be important in the latter scenario if it is used to steal
one’s identity, carry out transactions in their name, or engage in fraud. What they can do with
our data is more important than the data itself.

Personal data can be obtained in a variety of ways, below are certain ways,

 Dumpster diving – Discovering discarded paper documents in trash cans, CDs, USBs,
hard disks, etc.
 Phishing – Email scams that impersonate well-known organizations in order to trick the
user and steal their data.
 Social engineering – Whether by phone, online, through the mail or electronically, the
attacker gains the victim's trust and manipulates them to collect personal information.
 Surfing – Some websites can download malware that can control a computer's webcam
or extract information from it.
 Free software – This type of data theft is typical of free software.

Remember to destroy and render unreadable all documentation and materials that contain
personal data, such as bank statements, photocopies of ID cards, invoices, etc., to protect one's
personal data.

When not in use, always cover the webcam. If someone manages to take control of the computer,
personal photographs could be made public.

When someone asks for one’s personal information, be wary. Never give out particularly
sensitive information over the phone.

(Blanco, 2017)
 19

 Identity theft resource center

According to Identity Theft Resource Center there are three types of identity theft which are
financial, criminal, and identity cloning.

The ultimate goals of identity theft may be the acquisition of money, other resources, or
privileges, or the protection of one's identity by disguising oneself as another, largely legal
entity. ID thefts may also use a company's reputation to their advantage to draw customers,
which can lead to instances of both corporate and consumer ID theft.

Identity theft can take many different forms, such as lost or stolen wallets, documents discarded
with personal information, phishing emails, etc. The most common form of reported identity
theft was Credit Card fraud, followed by phone or utilities fraud, bank fraud and employment
fraud. Only 30% of victims notified a police department. In 1999 20,000 cases of ID Theft were
reported in the UK.

In ID theft cases, the investigator will need to consider not only the financial evidence but also
the personal information gained, and subsequent actions triggered by a hijacked identity. This
evidence trail is to be recovered in the form of data, logs, etc. through various systems within
one or even multiple financial organizations.

One of the major ways of personal data theft is used by phishing. Phishing is the practice of
obtaining personal information by sending emails that look to be from reliable sources. A
phishing campaign involves the widespread dissemination of "spoofed" emails with reply
addresses, links, and branding that impersonate those from financial institutions, insurance
providers, shops, or credit card issuers. By employing corporate logos and formatting that is
comparable to those of the legitimate companies, the mails appear genuine. When personal
information, such as personal account numbers, passwords, and other sensitive information, is
requested for auditing or verification purposes, the hazard is perceivably dangerous. The UK
National Hi-tech Crime Unit detained a 21-year-old unemployed British man in April 2004 on
suspicion of engaging in a phishing attempt against The Cooperative bank and the Smile Internet
Bank. However, this man was only an amateur, and the authorities claim that he has no
connection to organized crime.

(Thomas, 2019)
 20

2.2 – Literature review for using Public/Personal Wi-Fi

 Issues of public/personal Wi-Fi for businesses.
A record-breaking year for cyber-attack was 2020. Many professionals turned to their home
offices when offices around the world closed indefinitely and implemented stay-at-home
regulations. Many people continued to work remotely as society began to open up again. By
2025, more than 36 million people in America will have totally remote or flexible work
with an increase of 87% since the epidemic. One might deduce that having the opportunity to
work outside of the office has led many employees to select open areas like coffee shops,
restaurants, train stations, airports, and other public venues to do their tasks, increasing the
vulnerability of organizations and employees to cyber-attacks.
People could believe there would never be a problem with using personal or public Wi-Fi. The
worrying reality is that cyber-attacks are on the rise along with the population of remote workers,
putting everyone who uses personal or public Wi-Fi at risk. Cyber-attacks were ranked as the
fifth top risk for businesses in the public and private sectors in a Global Risk Report that was
issued in 2020, and it is anticipated that they will soon move up the list. The FBI assessed the
financial cost at more than $4.2 billion and reported 791,790 complaints of suspected cybercrime
in 2020, which is 300,000 higher than reported in 2019. The need to safeguard ourselves against
the dangers of public Wi-Fi has never been greater.
Most people who use public Wi-Fi networks while working are blissfully oblivious of the danger
they run of unintentionally disclosing sensitive, secret, or essential information, which might
pose a serious threat in the hands of an experienced hacker. Users have probably used the
convenience of free public Wi-Fi. Malware, rogue networks, unsecured connections, network
snooping, login credential vulnerabilities, system update warnings, and session hijacking are
some risks associated with utilizing public or personal Wi-Fi.
(Guizani, 2021)
 21

 Public/personal Wi-Fi security

The cautions against utilizing public Wi-Fi for work-related activities are well-known to all.
With the outbreak of the pandemic, many things have undergone a transformation. It is crucial to
reassess the previous guidelines to determine whether they remain applicable in the post-
COVID-19 era. Wi-Fi security serves as an excellent example. Connecting to a secure wireless
network used to be a straightforward process. After all, the demarcation between work and home
was much clearer. Initially, it was believed that the lines were indistinct. However, the pandemic
changed everything. The borders vanished entirely. Expectations for constant availability
skyrocketed to unprecedented levels. Employees began taking advantage of their flexibility by
working remotely. For some, this meant working from a rented house across the country for
several months. For others, it meant utilizing the freedom to shop while having lunch.
Nowadays, most of us face more situations where we must conduct business outside the confines
of our secure internet.

(Gregory, 2021)

 Dangers of Public/Personal Wi-Fi

Unsecured or public Wi-Fi networks carry a lot of dangers. If all you need to do is ask a staff
member for the password, anyone who wants access can still enter even if the network in
question is a secure public Wi-Fi hotspot.
Even worse, a lot of networks contain open Wi-Fi settings that let anyone connected to the
network take control of the router. With this access, hackers have a variety of ways to attack on
unsuspecting individuals who are just trying to browse the web.
Unfortunately, using a public connection comes with a number of concerns, including fraudsters
working on reliable Wi-Fi hotspots.
Malicious hotspots set up to deceive users into connecting to them pose an even greater threat to
user security. The typical method for accomplishing this is to create an unprotected hotspot with
the name of a nearby company, to which users will connect while blissfully unaware of the
danger.
 22

Users may be able to prevent this situation from happening periodically by always asking the
staff of the establishment if the Wi-Fi hotspot is authentic, but there is no assurance that they will
even be aware of the imposter. Even the company's employees may be accessing the infected
Wi-Fi network without being aware of it.
Because the attacker in this scenario has complete control over the hotspot, they have many more
attack options available to them, such as serving us malicious ads that contain spyware or
malware, changing the website we were on to a completely fake one, and gathering any login
information we entered for different services.
(Hougen, 2020)
 23

2.3 – Literature review for transaction theft

 Transaction theft
Exposure to unpredictability factors that could affect the anticipated return from a contract or
transaction is known as transaction theft. It can include, but is not limited to, time, commodity,
and foreign exchange risk. In essence, it includes everything that could go wrong and stop a deal
from happening.
It is crucial to take such risk into account when assessing a potential investment because a deal
with a high transaction theft will normally require a greater projected return. Transaction theft
occasionally prevents a deal from going through because of the possibility of unfavorable
outcomes.
There is a risk involved when engaging in transactions that the counterparty won't fulfill the
contractual commitments made in the transaction. The consequences of the transaction theft are
frequently to blame when counterparties breach contractual obligations.
(Anon., 2021)
 Internet transaction and identity theft
Online purchasing is a practical activity. It provides the ease of shopping and price comparison
without requiring you to visit many stores or waste time walking down the street. Due of its
convenience, it has gained a lot of people's attention as a very appealing alternative. Users can't
be completely certain that all of their transactions are secure or that the recipients of the credit
card information are those they intended.
For the quite straightforward reason that online shopping puts users at risk for identity theft.
There are instances where a backdoor application unintentionally infects the computer, captures
all keystrokes, or connects the computer to the Internet, exposing someone as victim for
transaction theft.
By using the most recent internet browser, transaction theft can be avoided. An application
people use to access the internet is a browser. These programs typically save built-in abilities.
We can use the most recent encryption technology, which secures our online transactions, by
utilizing the most recent browser.
(Tina, 2010)
 Transaction theft and security
The danger of transaction theft poses a significant risk to security since it enables criminals to
exploit personal information. The intricacy of commercial transactions that involve payment
cards is expanding, making it increasingly challenging to monitor this problem. Industry
standards for information technology security typically mandate the implementation of security
 24

regulations and audit trails for these businesses. This is particularly true for crucial systems that
deal with sensitive data, which are utilized by both public and private sector firms. In the past,
enterprise architects have established security policies and relied on technical safeguards to
protect their organizations' systems from cyber threats and misuse. Today, transaction theft is
one of the most critical threats to online security. In a cloud environment, artificial intelligence is
indispensable for managing financial risk. Despite numerous studies that have attempted to

examine the current methods, they are insufficient for conducting detection with high accuracy.

(Wang, 2021)

 Evidence in transaction theft

Several Indians have raised apprehension on various social media platforms about undisclosed
loans appearing in their credit records, despite never borrowing from the Indian-owned Dhani
Loans and Services. As per sources, fraudsters misused users' permanent account numbers to
obtain quick loans through the Dhani app. While a few individuals reported receiving loan
recovery notices for loans they never requested, others stated that their credit ratings were
negatively impacted as their credit reports indicated defaults on loans they never sought.

(Chadha, 2022)
 25

2.4 – Literature review for using personal devices

 Remote workers using personal device
When remote working employees use personal devices to access company files and data, the
organization can believe that virtual private networks are sufficient to safeguard the network.
Virtual private networks (VPNs) are a fantastic place to start when protecting the network, but
they lose some of their effectiveness when used by personal devices owned by company
employees. Once linked via a VPN, the hazards posed by these devices are transferred to the
corporate network. To combat and reduce this risk, sound security precautions and many layers
of protection are required.
The risks of relying only on a VPN arise not from the VPN itself, but rather from the potential
lack of security on these devices and from company employees' lack of understanding.
Personal devices may contain security flaws that could potentially spread across a VPN since
they are not held to the same standards of responsibility as organizational equipment. Attackers
frequently search for a footing initially before developing strategies to increase privilege.
It's likely that family members share the employee's personal device. Even if each user's profile
is unique, the profiles are stored on the device's hard drive. Malware can be installed from
another user accessing the device because not all users are connected to the VPN.
(IntregrisTeam, 2021)
 26

 Issues of using personal devices for work purpose

If personal devices are used for work, it might put a corporation in legal danger. Employees
should only use workplace devices to send email that is connected to their jobs in order to
prevent these issues.
It is not advised to save corporate information on personal devices at home. As a result, the
device will be open to discovery in a hypothetical litigation, increasing costs and raising the
possibility that personal and private information kept on the device would be revealed. Except
when using a corporate device, they shouldn't email themselves files to work on outside of the
workplace.
The risks of using personal gadgets at work can be substantial. If an employee's device's data is
hacked, it might be utilized to commit cyber-attacks or steal company data. It's critical to explain
the ramifications of a lost or stolen device and to inform employees that their personal data may
also be at danger in the event of a loss or theft.
Employees shouldn't use their own gadgets at work unless their manager expressly permits them
to. They run the danger of stealing company data or being hacked if they are not.
Using personal devices at work carries risks like data breaches, lost or stolen data, and possible
links to illicit behavior. Employers must ensure that workers are at ease using personal devices at
work by educating them on the obligations they have while accessing corporate data on those
devices.
(Albert, 2021)
 27

 Personal devices for remote working

Personal devices, as the name suggests, are those that an employee personally owns and uses to
carry out any type of job but are not registered with the company's mobile device management
system.
The greatest drawback is a lack of security. Without mobile application management, personal
devices are extremely susceptible to security risks. Every man or woman for themselves is the
stuff of nightmares when it comes to your sensitive corporate information. It might be less
expensive and easier, but it puts your safety in grave danger. Simply put, the company lacks the
means to impose or monitor security procedures.
The great majority of businesses that use remote workers ought to use company devices that are
managed through mobile device management. The level of security is far higher, devices are
simple to set up and modify, and issues can be quickly identified and resolved. For all parties
involved, it produces a more uniform, seamless experience.
(Joesph, 2021)
 28

Chapter 3: Methodology

3.1 –Research Onion

The research onion is a basic illustration that delineates the various stages an investigator must
contemplate to establish an effective research methodology. The model of the research onion
was introduced by Saunders, Lewis and Thorn hill in their publication titled Research Methods
for Commercial Scholars. This strategy endeavors to explicate the diverse phases of thesis
composition to assist scholars in formulating a more methodical procedure. The model of the
Research Onion presented here figuratively displays the diverse techniques that the research's
diverse constituents could be scrutinized to generate the ultimate research blueprint.

Figure
02
 29

3.2 Research philosophy

This study owns a conceptual framework with 4 independent variables and 1 dependent variable.

The independent variable one which is, personal data theft has an impact on the dependent
variable of security issues of remote working. A single reality is found here, which is from the
positivism approach.

A positivism approach is what can happen or not happen. According to the independent
variable, personal data theft has an impact on security issues of remote working, which is a
single reality that falls under the positivism approach.

The independent variable two which is, using public/private Wi-Fi has an impact on the
dependent variable of security issues of remote working. A single reality is found here, which is
from the positivism approach. According to the independent variable, using public or private Wi-
Fi has an impact on security issues of remote working, which is a single reality that falls under
the positivism approach.

The independent variable three which is, transaction theft has an impact on the dependent
variable of security issues of remote working. A single reality is found here, which is from the
positivism approach. According to the independent variable, transaction theft has an impact on
security issues of remote working, which is a single reality that falls under the positivism
approach.

The independent variable four which is, using personal devices has an impact on the dependent
variable of security issues of remote working. A single reality is found here, which is from the
positivism approach. According to the independent variable, using personal devices has an
impact on security issues of remote working, which is a single reality that falls under the
positivism approach.

MY The research onion has been developed by Saunders et al. 2007 to describe the stages
that a researcher must go through when developing an effective methodology, which is an
important section to consider when writing a research paper. In the beginning, the research
philosophy must be defined. This serves as the foundation for the appropriate research strategy,
which is implemented in the second step. The research strategy is chosen in the third step, and
the time horizon is determined in the fourth layer. The fifth stage is the identification of the data
collection methodology. The benefits of the research onion are that it creates a series of stages
 30

through which the various methods of data collection can be understood, as well as illustrating
the steps through which a methodological study can be described.

3.3 Research approach

There are two approaches which are Inductive and Deductive. Here, the deductive approach is
used to our conceptual framework because it is from theory to observations.

Testing the conceptual framework developed for security issues of remote working. Here,
observations are studied which the security issues of remote are working after developing the
conceptual framework. Therefore, it is appropriate to use deductive approach to this study.

3.4 Research Strategy

For each independent variable and the dependent variable set of questions will be developed.
From the developed questions questionnaires will be made.

Questionnaire based survey is conducted to check the association between independent and
dependent variable.

3.5 Research Choice

To conduct the questionnaire, Survey is selected. In the questionnaire few questions are raised.
The questions have rating options from strongly agree to strongly disagree

(lickert scaler).

 Strongly agree – 5
 Agree – 4
 31

 Neutral – 3
 Disagree – 2
 Strongly disagree – 1

Only we collect numbers so the research choice is mono method quantitative.

3.6 Time horizon

According to the research topic security issues of remote work, the data collection is done by one
person at a time. Therefore, the time horizon is cross-sectional.

3.7 Techniques and procedures

 3.7.1 Target Population (Whom we target to collect data)

All employees who work from home at Commercial Bank of Pettah branch.
Total count 25.
 3.7.2 Sample population
According to the Morgan table, sample size is 24 amounts.
Hence the study will collect data from 24 count of employees who work from home at Pettah
Commercial bank.
 3.7.3 Data collection
To collect the data for the research, data collection method is questionnaire as the strategy is
selected as survey. Questionnaires are to be delivered among 24 (sample size) commercial bank
staff to get their responses. Google sheet questionnaires will be sent to the respondents as the
cost of travel and printing materials are high.
 3.7.4 Data Analysis
 32

To enter data, we use excel software. And, to analyze data using statistical testing excel will be
used. The data analysis will be done using bar charts, pie charts, descriptive statistics, mean
standard deviation, maximum standard deviation, minimum standard deviation, correlation test
and regression test.
 3.7.5 Limitations of the research
There are barriers we need to tolerate while conducting research. Certain limitations include high
cost, time being limited, electricity issues, travelling issues and respondents are from different
physiological level being a major threat.

Chapter 04: Analysis

4.1 – Presentation of Data
4.1.1 – Presentation of data for personal data theft

4.1.1.1 – Presentation of data for “Is personal data issue caused by remote working a
significant security issue?”

Is personal data issue caused by remote working

a significant security issue?
12

10

0
SA A N D SD

For the question, “Is personal data issue caused by remote working a significant security issue?”
majority are strongly agree with the count of 10 and minority is strongly disagree with the count
 33

of 5. The overall responses are towards the positive side as the strongly agree and agree total
count is higher than strongly disagree and disagree count.

4.1.1.2 – Presentation of data for “Is financial details issue caused by remote working a
significant security issue?”

Is financial details issue caused by remote work-

ing a significant security issue?
14

12

10

0
SA A N D SD

For the question, “Is financial details issue caused by remote working a significant security
issue?” majority are agree with the count of 12 and minority is strongly disagree with the count
of 3. The overall responses are towards the positive side as the strongly agree and agree total
count is higher than strongly disagree and disagree count.
 34

4.1.1.3 – Presentation of data for “Is medical data issue caused by remote working a
significant security issue?”

Is medical data issue caused by remote working a

significant security issue?
12

10

0
SA A N D SD

For the question, “Is medical data issue caused by remote working a significant security issue?”
majority are disagree with the count of 9 and minority is strongly disagree with the count of 4.
The overall responses are towards the negative side as the strongly agree and agree total count is
lower than strongly disagree and disagree count.
 35

4.1.1.4 – Presentation of data for “Is social media account details issue caused by remote
working a significant security issue?”

Is social media account details issue caused by

remote working a signicant security issue?
12

10

0
SA A N D SD

For the question, “Is social media account details issue caused by remote working a significant
security issue?” majority are neutral with the count of 10 and minority is strongly disagree with
the count of 4. The overall responses are towards the negative side as the strongly agree and
agree total count is lower than strongly disagree and disagree count.
 36

4.1.2 – Presentation of data for transaction theft.

4.1.2.1 - Presentation of data for “Is personal accounts theft issue caused by remote
working a significant security issue?”

Is personal theft issue caused by remote working

a significant security issue?
10
9
8
7
6
5
4
3
2
1
0
SA A N D SD

For the question, “Is personal accounts theft issue caused by remote working a significant
security issue?” majority are agree with the count of 9 and minority is strongly agree with the
count of . The overall responses are towards the positive side as the strongly agree and agree
total count is higher than strongly disagree and disagree count.
 37

4.1.2.2 - Presentation of data for “Is company procumbent payments issue caused by
remote working a significant security issue?”

Is company procument payments issue caused

by remote working a significant security issue?
12

10

0
SA A N D SD

For the question, “Is procurement payment issue caused by remote working a significant security
issue?” majority are neutral with the count of 11 and minority is strongly disagree with the count
of 2. The overall responses are towards the positive side as the strongly agree and agree total
count is higher than strongly disagree and disagree count.
 38

4.1.2.3 - Presentation of data for “Is employee salary payments issue caused by remote
working a significant security issue?”

Is employee salary payments issue caused by

remote working a significant security issue?
12

10

0
SA A N D SD

For the question, “Is employee salary payment issue caused by remote working a significant
security issue?” majority are neutral with the count of 11 and minority is disagree and agree with
the count of 6. The overall responses are towards the positive side as the strongly agree and
agree total count is higher than strongly disagree and disagree count.
 39

4.1.2.4 - Presentation of data for “Is investments issue caused by remote working a
significant security issue?”

Is investments issue caused by remote working a

significant security issue?
12

10

0
SA A N D SD

For the question, “Is investments issue caused by remote working a significant security issue?”,
majority are neutral with the count of 10 and minority is strongly agree with the count of 5. The
overall responses are towards the negative side as the strongly agree and agree total count is
lower than strongly disagree and disagree count.
 40

4.1.3 – Presentation of data for using public/personal Wi-Fi

4.1.3.1 – Presentation of data for “Is theft of personal information issue caused by remote
working a significant security issue?’’

Is theft of personal information issue caused by

remote working a significant security issue?
10
9
8
7
6
5
4
3
2
1
0
SA A N D SD

For the question, “Is theft of personal information issue caused by remote working a significant
security issue?” majority are neutral with the count of 9 and minority is strongly disagree with
the count of 5. The overall responses are towards the positive side as the strongly agree and
agree total count is higher than strongly disagree and disagree count.
 41

4.1.3.2 – Presentation of data for “Is unencrypted connections issue caused by remote
working a significant security issue?’’

Is unencrypted connections issue caused by

remote working a significant security issue?
12

10

0
SA A N D SD

For the question, “Is unencrypted connections issue caused by remote working a significant
security issue?” majority are neutral with the count of 11 and minority is strongly disagree with
the count of 2. The overall responses are towards the positive side as the strongly agree and
agree total count is higher than strongly disagree and disagree count.
 42

4.1.3.3 – Presentation of data for “Is cyber-attacks on businesses issue caused by remote
working a significant security issue?’’

Is cyber-attacks on businesses issue caused by

remote working a significant security issue?
12

10

0
SA A N D SD

For the question, “ Is cyber-attacks on businesses issue caused by remote working a significant
security issue?”, majority are neutral with the count of 10 and minority is strongly disagree with
the count of 3. The overall responses are towards the positive side as the strongly agree and
agree total count is higher than strongly disagree and disagree count.
 43

4.1.3.3 – Presentation of data for “Is malware distribution issue caused by remote working
a significant security issue?’’

Is malware distribution issue caused by remote

working a significant security issue?
12

10

0
SA A N D SD

For the question, “Is malware distribution issue caused by remote working a significant security
issue?” majority are neutral with the count of 10 and minority is strongly disagree with the count
of 4. The overall responses are towards the positive side as the strongly agree and agree total
count is higher than strongly disagree and disagree count.
 44

4.1.4 – Presentation of data for using personal devices

4.1.4.1 – Presentation of data for “Is data theft issue caused by remote working a
significant security issue?’’

Is data theft issue caused by remote working a

significant security issue?
12

10

0
SA A N D SD

For the question, “Is data theft issue caused by remote working a significant security issue?”
majority are strongly agree with the count of 10 and minority is strongly disagree and neutral
with the count of 4. The overall responses are towards the positive side as the strongly agree and
agree total count is higher than strongly disagree and disagree count.
 45

4.1.4.2 – Presentation of data for “Is devices to be damaged issue caused by remote
working a significant security issue?’’

Is devices to be damaged issue caused by remote

working a significant security issue?
10
9
8
7
6
5
4
3
2
1
0
SA A N D SD

For the question, “Is devices to be damaged issue caused by remote working a significant
security issue?” majority are neutral with the count of 9 and minority is strongly disagree with
the count of 4. The overall responses are towards the positive side as the strongly agree and
agree total count is higher than strongly disagree and disagree count.
 46

4.1.4.3 – Presentation of data for “Is malware issue caused by remote working a significant
security issue?’’

Is malware issue caused by remote working a

significant security issue?
12

10

0
SA A N D SD

For the question, “Is malware issue caused by remote working a significant security issue?”
majority are disagree with the count of 10 and minority is strongly agree with the count of 4. The
overall responses are towards the negative side as the strongly disagree and disagree total count
is higher than strongly agree and agree count.
 47

4.1.4.4 – Presentation of data for “Is improper mobile management issue caused by remote
working a significant security issue?’’

Is improper mobile management issue caused by

remote working a significant security issue?
12

10

0
SA A N D SD

For the question, “Is improper mobile management issue caused by remote working a significant
security issue?” majority are disagree with the count of 9 and minority is strongly agree with the
count of 5. The overall responses are towards the negative side as the strongly disagree and
disagree total count is higher than strongly agree and agree count.
 48

4.1.5 – Presentation of data for Dependent variable

4.1.5.1 – Presentation data for “Has work from home strategy implemented at Commercial
bank caused a significant security issue”?

Has work from home strategy implemented at

Commercial bank caused a significant security
issue?
12

10

0
SA A N D SD

For the Dependent variable question, “Has work from home strategy implemented at commercial
bank caused a significant security issue?” majority are neutral with the count of 10 and minority
is disagree with the count of 5. The overall responses are towards the positive side as the
strongly agree and agree total count is higher than strongly agree and agree count.
 49

4.2 – Descriptive Statistics

4.2.1 – Descriptive Statistics for Personal Data Theft
Is personal details Is financial details Is medical data Is social media
issue caused by issue caused by issue caused by account details
remote working a remote working a remote working issue caused by
significant significant security a significant remote working
security issue? issue? security issue? a significant
security issue?

Minimum 1 1 1 1

Maximum 5 5 5 5
Average 3.285714 3.342857 2.971429 2.714286
Standard
Deviation 1.446526 1.211291 1.271537 1.36277

For the question “ Is personal details issue caused by remote working a significant security
issue?” range of answers are Strongly disagree to Strongly agree. The average value is 3.2 which
is closer to 3. So, the average response in 3. Standard deviation for the question is 1.44.
For the question “ Is financial details issue caused by remote working a significant security
issue?” range of answers are Strongly disagree to Strongly agree. The average value is 3.34
which is closer to 3. So, the average response in 3. Standard deviation for the question is 1.21.
For the question “Is medical data issue caused by remote working a significant security issue?”
range of answers are strongly disagree to strongly agree. The average value is 2.9 which is closer
to 3. So, the average response in 3. Standard deviation for the question is 1.27.
 50

For the question “ Is social media account details issue caused by remote working a significant
security issue?” range of answers are Strongly disagree to Strongly agree. The average value is
2.7 which is closer to 3. So, the average response in 3. Standard deviation for the question is
1.36.

4.2.2 – Descriptive Statistics for Transaction Theft

Is personal Is company Is employee Is investments
account issue procument salary payments issue caused by
caused by remote payments issue issue caused by remote working
working a caused by remote remote working a significant
significant working a a significant security issue?
security issue? significant security security issue?
issue?
Minimum 1 1 1 1

Maximum 5 5 5 5
Average 3.028571 3.628571 3.342857 2.971429
Standard
Deviation 1.219588 1.474147 1.294461
1.294461

For the question “ Is personal account issue caused by remote working a significant security
issue?” range of answers are Strongly disagree to Strongly agree. The average value is 3.02
which is closer to 3. So, the average response in 3. Standard deviation for the question is 1.29.
For the question “ Is company procument payment issue caused by remote working a significant
security issue?” range of answers are Strongly disagree to Strongly agree. The average value is
3.62 which is closer to 4. So, the average response in 4. Standard deviation for the question is
1.21.
For the question “ Is employee salary payments issue caused by remote working a significant
security issue?” range of answers are Strongly disagree to Strongly agree. The average value is
 51

3.34 which is closer to 3. So, the average response in 3. Standard deviation for the question is
1.47.
For the question “Is investments issue caused by remote working a significant security issue?”
range of answers are strongly disagree to strongly agree. The average value is 2.97 which is
closer to 3. So, the average response in 3. Standard deviation for the question is 1.29.

4.2.3 – Descriptive Statistics for Using Public/Personal Wi-Fi

Is theft of Is unencrypted Is cyber-attacks Is malware
personal connections issue on business distribution
information issue caused by remote issue caused by issue caused by
caused by remote working a remote working remote working
working a significant security a significant a significant
significant issue? security issue? security issue?
security issue?
Minimum 1 1 1 1

Maximum 5 5 5 5
Average 2.942857 3.285714 3.571429 3.257143
Standard
Deviation 1.152272 1.24347 1.313792
1.349136

For the question “Is theft of personal information issue caused by remote working a significant
security issue?” range of answers are strongly disagree to strongly agree. The average value is
2.9 which is closer to 3. So, the average response in 3. Standard deviation for the question is
1.34.
For the question “ Is company procument payment issue caused by remote working a significant
security issue?” range of answers are Strongly disagree to Strongly agree. The average value is
3.28 which is closer to 3. So, the average response in 3. Standard deviation for the question is
1.15.
 52

For the question “ Is employee salary payments issue caused by remote working a significant
security issue?” range of answers are Strongly disagree to Strongly agree. The average value is
3.57 which is closer to 4. So, the average response in 4. Standard deviation for the question is
1.24.
For the question “Is malware distribution issue caused by remote working a significant security
issue?” range of answers are strongly disagree to strongly agree. The average value is 3.25 which
is closer to 3. So, the average response in 3. Standard deviation for the question is 1.31.

4.2.4 – Descriptive Statistics for Using Personal Devices

Is data theft issue Is devices to be Is malware Is improper
caused by remote damaged issue issue caused by mobile
working a caused by remote remote working management
significant working a a significant issue caused by
security issue? significant security security issue? remote working
issue? a significant
security issue?
Minimum 1 1 1 1

Maximum 5 5 5 5
Average 3.428571 3.314286 2.742857 2.885714
Standard 1.254906
Deviation 1.268228 1.323352
1.39928

For the question “Is data theft issue caused by remote working a significant security issue?”
range of answers are strongly disagree to strongly agree. The average value is 3.42 which is
closer to 3. So, the average response in 3. Standard deviation for the question is 1.39.
For the question “Is devices to be damaged issue caused by remote working a significant security
issue?” range of answers are strongly disagree to strongly agree. The average value is 3.31 which
is closer to 3. So, the average response in 3. Standard deviation for the question is 1.25.
 53

For the question “Is malware issue caused by remote working a significant security issue?” range
of answers are strongly disagree to strongly agree. The average value is 2.74 which is closer to 3.
So, the average response in 3. Standard deviation for the question is 1.26.
For the question “ Is improper mobile management issue caused by remote working a significant
security issue?” range of answers are Strongly disagree to Strongly agree. The average value is
2.88 which is closer to 3. So, the average response in 3. Standard deviation for the question is
1.32.

4.2.5 – Descriptive Statistics for Security issues of remote working at Commercial bank
Has work from home strategy implemented at
Commercial bank caused a significant
security issue?
Minimum 1
Maximum 5
Average 3.142857
Standard Deviation 1.396274

For the question “Has work from home strategy implemented at Commercial bank caused a
significant security issue?” range of answers are strongly disagree to strongly agree. The average
value is 3.14 which is closer to 3. So, the average response in 3. Standard deviation for the
question is 1.39.
 54

4.3 – Correlation Analysis

Personal data Transaction Using Using Personal
Description theft of remote data theft of public/personal devices of
working remote working Wi-Fi of remote remote working
strategy strategy working strategy
implemented at implemented at strategy implemented at
commercial commercial implemented at commercial
bank caused bank caused commercial bank caused
significant significant bank caused significant
security issue security issue significant security issue
security issue
Correlation
value 0.785672 0.853419 0.928173 0.733181

The correlation value between Personal data theft of remote working strategy implemented at
commercial bank caused significant security issue is 0.785672 which is greater than 0.7 and the
correlation value is High positive.
The correlation value between Transaction data theft of remote working strategy implemented at
commercial bank caused significant security issue is 0.853419 which is greater than 0.7 and the
correlation value is High positive.
 55

The correlation value between using public/personal Wi-Fi of remote working strategy
implemented at commercial bank caused significant security issue is 0.928173 which is greater
than 0.7 and the correlation value is High positive.
The correlation value between Using Personal devices of remote working strategy implemented
at commercial bank caused significant security issue is 0.733181 which is greater than 0.7 and
the correlation value is High positive.

4.4 – Regression Analysis

4.4.1 – Regression analysis between security issues of personal data theft caused by remote
working and work from home strategy implemented at commercial bank caused significant
security issue.
ANOVA
df SS MS F Significanc
eF
Regressio 1 20.3949 20.3949 37.0961 0.0003559
n 4 4 9 8
Residual 23 12.6450 0.54978
6 5
Total 24 33.04

The Anova Table P value between Independent variable security issues of personal data theft
caused by remote working and work from home strategy implemented at commercial bank
caused significant security issue is 0. The P is less than 0.05 and there is a relationship among
the variables.

4.4.2 – Regression analysis between security issues of transaction theft caused by remote
working and work from home strategy implemented at commercial bank caused significant
security issue.
ANOVA
 56

df SS MS F Significan
ce F
Regressi 1 24.0638 24.063 61.6594 0.000834
on 8 1 98
Residual 23 8.97620 0.3902
3 7
Total 24 33.04

The Anova Table P value between Independent variable security issues of transaction theft
caused by remote working and work from home strategy implemented at commercial bank
caused significant security issue is 0. The P is less than 0.05 and there is a relationship among
the variables.

4.4.3 – Regression analysis between security issues of using public/personal Wi-Fi caused
by remote working and work from home strategy implemented at commercial bank caused
significant security issue.
ANOVA
df SS MS F Significan
ce F
Regressi 1 28.464 28.464 143.07 0.000236
on 16 16 22 11
Residual 23 4.5758 0.1989
4 5
Total 24 33.04

The Anova Table P value between Independent variable security issues of using public/personal
Wi-Fi caused by remote working and work from home strategy implemented at commercial bank
caused significant security issue is 0. The P is less than 0.05 and there is a relationship among
the variables.

4.4.4 – Regression analysis between security issues of using personal devices caused by
remote working and work from home strategy implemented at commercial bank caused
significant security issue.
ANOVA
df SS MS F Significanc
 57

eF
Regressi 1 17.760 17.760 26.73 0.0003057
on 77 77 55 99
Residual 23 15.279 0.6643
23 14
Total 24 33.04

The Anova Table P value between Independent variable security issues of using personal devices
caused by remote working and work from home strategy implemented at commercial bank
caused significant security issue is 0. The P is less than 0.05 and there is a relationship among
the variables.

4.5 – Hypothesis Testing

Description Correlation test Regression test Overall result Hypothesis test
Security issues of Positive yes Positive Reject H0
personal data theft Relationship
caused by remote
working and work
from home strategy
implemented at
commercial bank
caused significant
security issue.
Security issues of Positive yes Positive Reject H0
transaction theft Relationship
caused by remote
working and work
from home strategy
implemented at
 58

commercial bank
caused significant
security issue.
Security issues of Positive yes Positive Reject H0
using Relationship
public/personal Wi-
Fi caused by remote
working and work
from home strategy
implemented at
commercial bank
caused significant
security issue.
Security issues of Positive yes Positive Reject H0
using personal Relationship
devices caused by
remote working and
work from home
strategy
implemented at
commercial bank
caused significant
security issue.

For Security issues of personal data theft caused by remote working and work from home
strategy implemented at commercial bank caused significant security issue., there exists a
positive relationship, therefore, reject H0.
For Security issues of transaction data theft caused by remote working and work from home
strategy implemented at commercial bank caused significant security issue., there exists a
positive relationship, therefore, reject H0.
For Security issues of using public/personal Wi-Fi caused by remote working and work from
home strategy implemented at commercial bank caused significant security issue., there exists a
positive relationship, therefore, reject H0.
 59

For Security issues of using personal devices caused by remote working and work from home
strategy implemented at commercial bank caused significant security issue., there exists a
positive relationship, therefore, reject H0.

Chapter 5 – Conclusions
The following conclusion presents the findings of a research study conducted to explore the
security implications of remote working, particularly in the context of a commercial bank. As
remote work becomes increasingly prevalent, concerns about security vulnerabilities have come
to the forefront. This study aims to shed light on various security issues associated with remote
working and their potential impact on the implementation of a work from home strategy at a
commercial bank. The research encompasses an analysis of personal data theft, transaction theft,
the use of public/personal Wi-Fi, and the use of personal devices in remote work scenarios.
Through correlation, regression analysis, and hypothesis testing, the study seeks to uncover
patterns and relationships that inform the overall security landscape of remote work at a
commercial bank.
This study is driven by 4 objectives
 To assess the perception of participants regarding the significance of security issues
related to personal data theft in the context of remote working.
 To examine the perceived significance of security concerns pertaining to transaction theft
caused by remote working.
 60

 To explore the perception of participants regarding security risks associated with the use
of public/personal Wi-Fi in a remote work setting.
 To investigate the perceived security implications of using personal devices for remote
work.

The target population for this study consists of employees in the banking sector who have
experienced or are currently engaged in remote working. A sample size of [mention the sample
size] participants was selected using a questionnaire-based survey. The questionnaire consisted
of a series of questions that gauged the participants' opinions and perceptions about various
security issues related to remote working. The participants' responses were then analyzed using
statistical techniques such as descriptive statistics, correlation analysis, and regression analysis to
derive meaningful insights
In summary, this research delves into the security implications of remote working within the
context of a commercial bank. It investigates participants' perceptions of security concerns
related to personal data theft, transaction theft, Wi-Fi usage, and the use of personal devices. The
study's methodology involves data collection through questionnaires, followed by a thorough
analysis of the responses using descriptive statistics, correlation analysis, and regression
analysis. The objectives of the study are to understand the relationships between these security
concerns and the implementation of a work from home strategy at a commercial bank. The
ensuing conclusions offer insights into the complex interplay between remote work and security
considerations in a banking environment.

5.1 – Conclusion for personal data theft caused by remote working a

significant security issue
There is a positive relationship between security issues related to personal data theft caused by
remote working and the implementation of a work from home strategy at a commercial bank.
This means that as concerns about personal data theft due to remote working increase, the
perception of a significant security issue related to the work from home strategy also increases.
The hypothesis that there is a positive relationship between these variables is supported.

5.1.1 – Conclusion for Is personal data issue caused by remote working a significant
security issue?
 61

The majority of respondents strongly agree that personal data theft caused by remote working is
a significant security issue, with a count of 10. This indicates a high level of concern among
participants about the potential risks associated with personal data theft while working remotely.

5.1.2 – Conclusion for Is financial details issue caused by remote working a significant
security issue?
A significant number of respondents (12) agree that financial details issue caused by remote
working is a significant security concern. This consensus further emphasizes the importance of
addressing financial data security when implementing remote work strategies.

5.1.3 – Conclusion for Is medical data issue caused by remote working a significant security
issue?
Most respondents (9) disagree that medical data issues caused by remote working are a
significant security issue. This suggests that participants may perceive medical data as less
vulnerable compared to other types of personal information when working remotely.

5.1.4 – Conclusion for Is social media account details issue caused by remote working a
significant security issue?
The majority of respondents (10) express neutrality regarding the significance of social media
account details being compromised due to remote working. This indicates that the concern level
for social media account security during remote work is relatively balanced.
 62

5.2 – Conclusions for transaction theft caused by remote working a significant

security issue
Similarly, there is a positive relationship between security issues associated with transaction theft
caused by remote working and the work from home strategy implemented at the commercial
bank. This suggests that as worries about transaction theft due to remote working rise, the
perception of a significant security issue related to the work from home strategy also increases.
The hypothesis that there is a positive relationship between these variables is supported.

5.2.1 – Conclusions for Is personal accounts theft issue caused by remote working a
significant security issue?
A majority of respondents agree (9) that personal accounts theft caused by remote working is a
significant security issue. This suggests that there is a substantial concern among participants
about the potential risks associated with personal account theft during remote work.

5.2.2 – Conclusions for Is company procurement payments issue caused by remote working
a significant security issue?
 63

Respondents are mostly neutral (11) regarding the significance of company procurement
payment issues caused by remote working as a security concern. This suggests that there might
be mixed opinions about the security risks associated with procurement payments during remote
work.

5.2.3 – Conclusions for Is employee salary payments issue caused by remote working a
significant security issue?
The respondents' opinions are divided, with some participants disagreeing (6) and others
agreeing (6) that employee salary payment issues caused by remote working are significant
security concerns. This indicates differing perceptions among participants about the potential
risks to employee salary payments during remote work.

5.2.4 – Conclusions for Is investments issue caused by remote working a significant security
issue?
Most respondents express neutrality (10) regarding the significance of investments issues caused
by remote working as a security concern. This suggests that participants may not view
investment data as a primary security concern in the context of remote work.

5.3 – Conclusions for using public/personal Wi-Fi caused by remote working a

significant security issue
The analysis indicates a positive relationship between security concerns related to using
public/personal Wi-Fi for remote working and the work from home strategy at the commercial
bank. As concerns about the security of public/personal Wi-Fi connections increase, the
perception of a significant security issue regarding the work from home strategy also increases.
The hypothesis that there is a positive relationship between these variables is supported.

5.3.1 – Conclusions for Is theft of personal information issue caused by remote working a
significant security issue?
Respondents are predominantly neutral (9) regarding the significance of theft of personal
information caused by remote working as a security issue. This suggests that opinions are
divided on the extent to which personal information theft is considered a major security concern
during remote work.
 64

5.3.2 – Conclusions for Is unencrypted connections issue caused by remote working a

significant security issue?
Most respondents are also neutral (11) concerning the significance of unencrypted connections
issue caused by remote working as a security concern. This indicates a lack of consensus on the
perceived risks associated with using unencrypted connections during remote work.

5.3.3 – Conclusions for Is cyber-attacks on businesses issue caused by remote working a

significant security issue?
The majority of respondents express neutrality (10) about the significance of cyber-attacks on
businesses as a security concern caused by remote working. This suggests that participants may
not universally view remote work as a significant factor in cyber-attack vulnerability for
businesses.

5.3.4 – Conclusions for Is malware distribution issue caused by remote working a

significant security issue?
Respondents are primarily neutral (10) regarding the significance of malware distribution issue
caused by remote working as a security concern. This indicates that opinions are divided on the
extent to which remote working contributes to the risk of malware distribution.

5.4 – Conclusion for using personal devices issue caused by remote working a
significant security issue
There is a positive relationship between security issues related to using personal devices for
remote working and the implementation of a work from home strategy at the commercial bank.
As concerns about the security of personal devices used for remote work increase, the perception
of a significant security issue tied to the work from home strategy also increases. The hypothesis
that there is a positive relationship between these variables is supported.

5.4.1 – Conclusions for Is data theft issue caused by remote working a significant security
issue?
A majority of respondents strongly agree (10) that data theft caused by remote working is a
significant security issue. This indicates a high level of concern among participants about the
potential risks associated with data theft when using personal devices for remote work.
 65

5.4.2 – Conclusions for Is devices to be damaged issue caused by remote working a

significant security issue?
Most respondents express neutrality (9) concerning the significance of devices being damaged
issue caused by remote working as a security concern. This suggests that participants may not
uniformly view device damage as a major security issue during remote work.

5.4.3 – Conclusions for Is malware issue caused by remote working a significant security
issue?
Respondents are mostly in disagreement (10) about the significance of malware issues caused by
remote working as a security concern. This indicates that participants do not perceive remote
working to be a significant factor in contributing to the risk of malware infections.

5.4.4 – Conclusions for Is improper mobile management issue caused by remote working a
significant security issue?
The majority of respondents disagree (9) that improper mobile management caused by remote
working is a significant security issue. This suggests that participants may not consider improper
mobile management to be a primary security concern during remote work.

A recurrent trend across multiple security concerns appears in this extensive study that examines
the security implications of remote working within the setting of a commercial bank. According
to the research, there is a link between these worries and using a work from home method. This
shows that the perception of a serious security risk connected with the work from home approach
increases as concerns about security issues, in particular personal data theft, transaction theft,
Wi-Fi usage, and the use of personal gadgets, climb due to remote working.
As the commercial banking sector continues to navigate the landscape of remote work, these
insights provide valuable guidance for decision-makers. They underscore the importance of
prioritizing robust security measures and comprehensive strategies to mitigate potential risks
associated with remote work. By recognizing the interplay between security concerns and the
implementation of remote work strategies, organizations can formulate more effective and well-
rounded approaches to safeguarding sensitive information and maintaining a secure operational
environment.
In conclusion, this study not only highlights the significance of security concerns during remote
work but also emphasizes the imperative of fostering a secure work environment that aligns with
 66

the changing dynamics of the modern workplace. As organizations adapt to remote work, an
unwavering commitment to security remains pivotal to maintaining trust, protecting assets, and
ensuring the integrity of operations in an evolving digital landscape.

Chapter 6 – Recommendations
As the modern business landscape continues to evolve, the adoption of remote work strategies
has become a prominent consideration for organizations worldwide. While remote work offers
flexibility and efficiency, it also presents unique security challenges, particularly concerning
personal data theft. In light of this, the following set of recommendations has been crafted to
empower Commercial bank with effective strategies to address and mitigate the risks associated
with personal data theft during remote work.
These recommendations aim to guide Commercial bank in establishing comprehensive security
measures, fostering employee awareness and accountability, and implementing advanced
technological solutions to safeguard sensitive customer information. By proactively addressing
the intricacies of personal data theft in a remote work context, Commercial bank can uphold
their commitment to data privacy, maintain customer trust, and ensure the robustness of their
security infrastructure. Each recommendation addresses specific aspects of personal data theft
concerns and offers actionable steps to ensure a secure and resilient remote work environment.
 67

6.1 – Recommendation for personal data theft caused by remote working a

significant security issue

Enhanced security measures for remote access

These suggestions are intended to help commercial banks build thorough security protocols,
promote staff responsibility and awareness, and put cutting-edge technical solutions in place to
protect critical client data. Commercial bank may honor their commitment to data privacy,
preserve customer trust, and ensure the strength of their security architecture by proactively
addressing the nuances of personal data theft in a remote work scenario. Each suggestion gives
practical ways to establish a safe and secure remote working environment and tackles a
particular component of worries about personal data theft.

Data Encryption and Protection

Securing data in transit and at rest is paramount in safeguarding customer information. The bank
should enforce end-to-end encryption for all data transmitted between remote employees and the
bank's servers. This encryption ensures that even if intercepted, the data remains unreadable to
unauthorized parties. Encryption tools should also be leveraged to secure sensitive files stored on
remote devices. This measure prevents unauthorized access in case a device is compromised or
lost. Additionally, implementing data loss prevention (DLP) solutions aids in monitoring and
preventing unauthorized data transfers, further safeguarding sensitive information from leakage.

Employee Training and Awareness

A well-informed workforce is a pivotal defense against data theft. The bank should provide
comprehensive training to remote employees, educating them about prevalent threats such as
phishing attacks and social engineering tactics. Regular cybersecurity awareness programs
should be conducted to reinforce the importance of data protection. By fostering a culture of
vigilance, remote employees become the first line of defense against potential breaches.
Encouraging prompt reporting of suspicious activities and incidents to the bank's security team
enables swift action and containment, minimizing the impact of potential breaches.

Secure Data Handling Practices

Proper data handling practices are vital to prevent inadvertent data breaches. Remote employees
should be instructed to refrain from storing sensitive data on personal devices. Instead, they
should utilize the bank's secure cloud storage solutions, ensuring centralized control and
 68

enhanced security. Clear protocols for secure data sharing and collaboration should be
established, prioritizing the use of encrypted communication channels to maintain
confidentiality. Additionally, guidelines for secure printing and disposal of sensitive documents
should be communicated to prevent physical data breaches that may arise from mishandling of
printed materials.

6.2 – Recommendation for transaction theft caused by remote working a

significant security issue

Enhanced Security Measures for Transaction Data Theft Prevention

In the realm of transaction data theft prevention, Commercial bank must bolster their security
measures to safeguard critical financial information. Implementing strong multi-factor
authentication (MFA) protocols is essential. By requiring multiple layers of verification, such as
passwords and biometrics, the bank can ensure that only authorized personnel gain access to
sensitive transactional systems. Additionally, regular security audits and penetration testing
should be conducted to identify and rectify vulnerabilities in the remote access infrastructure.
This proactive approach strengthens the bank's ability to thwart potential breaches.

Utilizing VPNs for Secure Communication

To establish a secure channel for remote transactions, the use of virtual private networks (VPNs)
is crucial. VPNs create encrypted tunnels that shield transactional data from interception,
ensuring its confidentiality during transmission. The bank should mandate the use of VPNs for
all remote transactions, thereby mitigating the risk of data interception by unauthorized parties.
 69

Furthermore, adopting advanced intrusion detection and prevention systems (IDPS) can provide
real-time monitoring of network traffic, detecting and responding to any suspicious activities that
may indicate transaction data theft attempts.

Implementing Robust Data Encryption Protocols

The implementation of robust data encryption protocols is paramount in preventing transaction
data theft. The bank should enforce end-to-end encryption for all transactional data transmitted
between remote employees and the bank's servers. This ensures that even if data is intercepted, it
remains unreadable and unusable by malicious actors. Moreover, data encryption should extend
to the storage of sensitive transactional information on remote devices. By utilizing encryption
tools, the bank can thwart unauthorized access in case of device compromise, loss, or theft.

Employee Training and Incident Reporting

An educated workforce is pivotal in mitigating transaction data theft risks. The bank should
provide comprehensive training to remote employees, focusing on identifying fraudulent
transactions, recognizing social engineering tactics, and understanding the importance of secure
transaction handling. Regular cyber security awareness programs should be conducted to
reinforce these practices. Encouraging remote employees to promptly report any suspicious
transactional activities to the bank's security team facilitates quick response and containment,
minimizing potential financial losses.
 70

6.3 – Recommendation for using public/personal Wi-Fi caused by remote

working a significant security issue
Strengthening Wi-Fi Security Measures
When addressing the security concerns associated with using public and personal Wi-Fi
networks for remote work, commercial banks should prioritize the implementation of robust
security measures. Encouraging remote employees to use Virtual Private Networks (VPNs)
when connecting to public Wi-Fi networks is crucial. VPNs establish encrypted tunnels that
shield data from potential eavesdropping, enhancing the security of sensitive information
transmitted over unsecured networks. Additionally, the bank should provide guidelines for
securing personal Wi-Fi networks at home, emphasizing strong encryption protocols and unique,
complex passwords to prevent unauthorized access.

Implementing Network Monitoring and Threat Detection

To mitigate the risks of using public and personal Wi-Fi, commercial banks should consider
implementing network monitoring and threat detection solutions. Advanced Intrusion Detection
and Prevention Systems (IDPS) can analyze network traffic in real-time, identifying and
responding to potential threats. By continuously monitoring for suspicious activities, the bank
can detect any unauthorized access attempts or data breaches originating from compromised Wi-
 71

Fi connections. Regular vulnerability assessments and security audits of remote devices can also
help identify potential weaknesses in network security.

Educating Remote Employees about Wi-Fi Risks

Effective employee education plays a pivotal role in minimizing the security risks associated
with public and personal Wi-Fi networks. The bank should provide comprehensive training to
remote employees, highlighting the potential dangers of using unsecured Wi-Fi networks and
emphasizing safe practices. Employees should be educated on the risks of connecting to public
Wi-Fi hotspots without proper security measures and should be encouraged to prioritize the use
of secure connections, such as VPNs, even when working remotely. Regular cyber security
awareness programs can reinforce these practices and help remote employees make informed
decisions about Wi-Fi usage.

Enabling Remote Work Technology

To further mitigate the security risks of using public and personal Wi-Fi, the bank should invest
in enabling remote work technologies that provide a secure environment for employees. This
may include providing remote employees with company-issued devices equipped with security
software and encrypted communication tools. By ensuring that remote employees have access to
secure technology solutions, the bank can minimize the vulnerabilities associated with using
personal devices and unsecured Wi-Fi networks for work purposes.
 72

6.4 – Recommendation for using personal device issue caused by remote

working a significant security issue
Device Security Enhancement
To tackle the security challenges posed by the use of personal devices for remote work,
commercial banks should focus on enhancing device security. Implementing strong security
measures, such as device encryption and biometric authentication, helps safeguard sensitive
information stored on personal devices. The bank should provide clear guidelines on configuring
security settings, ensuring devices are protected against unauthorized access. Regular software
updates and patches should be enforced to address potential vulnerabilities and maintain the
security of these devices.

Mobile Device Management (MDM) Solutions

Employing Mobile Device Management (MDM) solutions is essential for maintaining control
over personal devices used for remote work. These solutions allow the bank to enforce security
policies, remotely wipe devices in case of loss or theft, and ensure compliance with security
standards. By centralizing device management, the bank can mitigate risks associated with
unsecured personal devices and maintain a higher level of data protection. Offering guidance on
setting up MDM solutions and educating employees about their benefits will encourage their
adoption.
 73

Employee Training on Device Security

Effective employee training is pivotal in reducing the security risks posed by personal devices.
The bank should provide comprehensive training on secure device usage, including best
practices for securing devices, recognizing phishing attempts, and reporting security incidents
promptly. Regular cyber security awareness programs should reinforce the importance of
maintaining strong device security practices. Encouraging employees to segregate work-related
activities from personal use on their devices and emphasizing the need to adhere to security
guidelines further strengthens the security posture.

Secure Data Handling Protocols

Defining clear protocols for secure data handling on personal devices is crucial. The bank should
encourage employees to avoid storing sensitive data on personal devices whenever possible.
Instead, emphasize the use of secure cloud storage solutions that offer encryption and controlled
access. Establish guidelines for secure sharing and collaboration, emphasizing the use of
encrypted communication channels for transmitting sensitive data. Additionally, instruct
employees on the proper disposal of sensitive documents to prevent potential physical breaches
of data.
 74

References

Albert, 2021. Digital whale. [Online]

Available at: https://www.thedigitalwhale.com
[Accessed 20th february 2023].

Anon., 2021. Corperate finance. [Online]

Available at: https://corporatefinanceinstitute.com
[Accessed 20th february 2023].

Blanco, A. G., 2017. How can I protect myself from data theft. BBVA, 1(1), p. 3.

Chadha, S., 2022. transaction theft. Indiatimes, 2(1), p. 5.

Commercial, B., 2022. Combank.lk. [Online]

Available at: https://www.combank.lk
[Accessed 20th february 2023].

Geetha, V., 2021. Online personal theft - Indian perspective. Emerald Insight, 1(1), p. 2.

Geoogia Crossland, A. E., June. security issues in remote working. Remote working and in
security, 1(1), pp. 1-2.

Gregory, J., 2021. Security Ontelligence. [Online]

Available at: https://securityintelligence.com
[Accessed 20th february 2023].
 75

Guizani, 2021. wgu. [Online]

Available at: https://www.wgu.edu
[Accessed 20th february 2023].

Hougen, A., 2020. cloudwards. [Online]

Available at: https://www.cloudwards.net
[Accessed 15th March 2023].

IntregrisTeam, 2021. Integris. [Online]

Available at: https://integrisit.com
[Accessed 15th March 2023].

Joesph, 2021. BEMO. [Online]

Available at: https://www.bemopro.com
[Accessed 15th March 2023].

Samiksha, 2021. your article library. [Online]

Available at: https://www.yourarticlelibrary.com
[Accessed 15th March 2023].

Soare, B., 2021. Heimdal security. [Online]

Available at: https://heimdalsecurity.com
[Accessed 15th March 2023].

Thomas, O., 2019. Online ID thefts, investigation and response. Angeloupoulo, 1(1), p. 3.

Tina, 2010. Internet transactions and Identity theft. Ezine Articles, 2(1), p. 3.

Wang, L., 2021. Transaction theft and security. Science Direct, 2(1), p. 4.

Commercial bank mission vission value [online] available at:

https://www.commercial-bank.com/about-us/our-mission-vision-and-values.html

[Accessed 20th february 2023].