FFIEC Information Security and GLBA Integrity

How CimTrak Helps With FFIEC Information Security and GLBA Integrity

Meet GLBA and FFIEC Compliance Objectives

Dashboard UPDATE BASELINE MODE
C - Blue

ENSURE

Maintain security and confidentiality of customer information through system integrity. 

K - Blue

PROTECT

Arm your systems to detect and alert on any unknown or unexpected changes in real-time. 

B - Blue

MANAGE

Generate complete audit trails of all detected changes allowing for simple investigation of events as well as reporting for both management and auditors.

CimTrak Helps Financial Institutions Meet Compliance Objectives

With the passage of the Gramm-Leach-Bliley Act (GLBA) in 1999, financial institutions were required to implement policies that protected critical electronic customer information for being accessed, disclosed, or used in an unauthorized manner. 

With security management and data breaches making the news on a daily basis, IT security is now more important than ever. Security operations and a detection system have become top of mind for many organizations.

The GLBA “Safeguards Rule” requires financial institutions to achieve three objectives related to data security.

ffiec

How CimTrak Helps Meet Various requirements Using File Integrity Monitoring (FIM)

  • Assessing the security and integrity of system and application software including software under development
  • Firewall and routing configuration controls
  • Host security to detect and alert to all unauthorized and authorized changes
  • Support security incident detection via log management and strong audit trails
    Securing customer’s financial data in the cloud
  • Monitoring of custom software applications specific to financial institutions such as banks and credit unions.

FFIEC and InfoSec Requirements

The Federal Financial Institutions Examination Council, more commonly known as the FFIEC, is comprised of representatives from several financial agencies and organizations including the Federal Deposit Insurance Corporation (FDIC) and the Federal Reserve System. The FFIEC publishes guidance on how banks and other financial institutions can set about securing their IT assets and comply with the Safeguards Rule. Of particular note is the IT Examination Information Security Handbook published in 2006. It discussed key IT security objectives including how to protect information from a data breach as well as ensuring data integrity.

The Safeguards Rule Objectives

  1. Ensure the security and confidentiality of customer information
  2. Protect against any anticipated threats or hazards to the security or integrity of such information; and
  3. Protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer.

 

Meet GLBA and FFIEC Compliance Objectives

See for yourself how to make your systems truly secure and compliant.