Determinants Of Data Security In Management Information Systems Of Commercial Banks In Nairobi, Kenya

ABSTRACT

In Kenya, rarely are cases concerning data security breaches on commercial banks reported or documented. This does not however mean that there are no such cases or that the information systems used by the commercial banks are completely secure. In as much as due diljgeoce~d gross assessment of usage, vulnerability, security and recovery of the systems adopted ~y these banks is done before their adoption, it is worth to note that the human brain has remained superior to computers, implying therefore that the information stored within these information systems is not fool proof and that there do exist risks of manipulation of their data by rogue and systematic users. Further, limited study has been carried out to determine factors that influence data security in the Information systems used by the banks. Occurrence of a breach in data security is unpredictable and as such, informed defence against their occurrence is critical. It is against this backdrop that this study seeks to establish the factors that influence data security in commercial banks. The objective of the study was to determine the factors that influence data security in the management information systems used by commercial banks in Nairobi, Kenya. The study will adopt a cross-sectional survey in which different banks will be studied. Primary data was collected using a questionnaire while an extensive literature review has been done using various secondary sources. The target population was the information security staff working in the headquarters of commercial banks located in Nairobi. A census for all the banks in Nairobi was carried out and the study targeted two respondents per bank, at two strata; one senior IT manager and a general IT technician. Questionnaires were distributed at all the bank's headquarters and collected after a period of seven days. Introduction correspondence were done through email to all the bank's human resource department which were requested to allocate two random respondents. The data collected was thereafter coded andentered into SPSS and analysed using descriptive statistics and Pearson correlation. Out of 86 questionnaires distributed 66 were successfully completed and refilmed by respondents from 34 commercial banks, giving questionnaire response rate of 76.721-~: The results indicates thattype of data increases chances of breach attempts. The amount of data is strongly positively correlated with data integrity and network security. The study also established that customers have contributed to cases of fraud due to poor handling of their data. Majority of respondents indicated that their organization have experienced frauds through use of hostile technology e.g. ATM skimming. From the research findings, it can be concluded that type and size of data, user knowledge and hostile technology does influence data integrity and network security. The research therefore concludes that both sufficient financial and human resources should be deployed by the commercial banks to deal with data security. This study identifies key factors in banks data that might compromise data security with a view to educating the stewards of banks influencing their direction of designing systems to guarantee banks data integrity and network security. The research recommends that for the integrity of the data and network security the top management should support effective training, skill up-grading and awareness mechanisms to bank employees that would respond and continuously adapt to emerging technological challenges in the bank's MIS infrastructure.