CimTrak Helps Financial Institutions Meet FFIEC IT Security Requirements

FFIEC Information Security and Integrity

With passage of the Gramm-Leach-Bliley Act (GLBA) in 1999, financial institutions were required to implement policies that protected critical electronic customer information for being accessed, disclosed, or used in an unauthorized manner. With data breaches making the news on an almost daily basis, IT security is now more important that ever.

The GLBA “Safeguards Rule” requires financial institutions to achieve three objectives related to data security.

The Safeguards Rule Objectives

  1. Insure the security and confidentiality of customer information
  2. Protect against any anticipated threats or hazards to the security or integrity of such information; and
  3. Protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer.

The FFIEC and Information Security Requirements

The Federal Financial Institutions Examination Council, more commonly known as the FFIEC, is comprised of representatives from several financial agencies and organization including the Federal Deposit Insurance Corporation (FDIC) and the Federal Reserve System. The FFIEC publishes guidance on how banks and other financial institutions can set about securing their IT assets and comply with the Safeguards Rule. Of particular note is the IT Examination Information Security Handbook published in 2006. It discussed key IT security objectives including how to protect information from a data breach as well as ensuring data integrity.

How CimTrak Helps

CimTrak assists in meeting various requirements from FFIEC Examination Handbooks as well as other guidance bulletins. These include :

  • Assessing the security and integrity of system and application software including software under development
  • Firewall and routing configuration controls
  • Host security to detect and alert to all changes
  • Support security incident detection via logging and strong audit trails
  • Securing customer’s financial data in the cloud
  • Monitoring of custom software applications specific to financial institutions such as banks and credit unions.

Meeting FFIEC Requirements With CimTrak Download

We Continue to Innovate

CimTrak focuses on developing new functionalities and cutting-edge innovations. See for yourself why CimTrak is the best alternative to Tripwire® software.