Designing a Comprehensive Model for Data Security Management in the Country’s Banking Network

Document Type: Research Paper

Authors

1 Department of Knowledge and Information Science, Faculty of Management,

2 Department of Knowledge and Information Science, Faculty of Management, University of Tehran, Tehran, Iran

Abstract

Objective: In today’s digital landscape, data is widely regarded as an organization’s most valuable asset and a critical strategic resource, necessitating robust measures to ensure its security. Accordingly, this study aims to develop a comprehensive data security management model tailored to the national banking network.
Method: This study adopts an exploratory sequential mixed-methods design, integrating both library-based (documentary) and field-based data collection approaches. The library-based component draws on scholarly books, peer-reviewed articles, and academic journals to construct the theoretical framework. The field component employs semi-structured interviews and structured questionnaires. The study population comprises two distinct groups: (1) banking network managers and subject-matter experts, who participate in the interviews, and (2) bank managers, deputy managers, and staff, who complete the questionnaires. Qualitative data were analyzed using MAXQDA software, and quantitative data were analyzed using SmartPLS to develop and validate a comprehensive data security management model for the national banking network.
Results: The analysis identified eight key components that significantly influence data security management in the national banking network (p < 0.05): (1) primary causes of security incidents in banks, (2) barriers and concerns related to implementing enhanced security compliance, (3) security strategies employed over the past six months, (4) existing data security measures, (5) the data security lifecycle, (6) additional security measures required to strengthen data protection, (7) data security mechanisms in online banking services, and (8) financial services impacted by data security mechanisms.
Conclusions: Security strategies should prioritize employee training, compliance with emerging regulatory requirements, and the enhancement of inter-bank coordination to foster sustainability and reinforce trust within the banking network. Collectively, these elements contribute to a more robust data security management framework, elevating the maturity and coherence of data protection practices across the national banking system.
