About Us | Contact Us
View Cart

Beware the Ides of March, Maybe?

By Dan Hadaway | Wednesday, March 14, 2012 - Leave a Comment

If you’re still scrambling to comply with the 2010 American with Disabilities Act update requiring ATMs to be handicap accessible, you are not alone.  A Wall Street Journal article by Robin Sidel articulates that many banks are simply at the mercy of their ATM vendors and are not going to be ready by the March 15th deadline.

This whole issue helps illustrate one reason an annual update to your IT Strategy is a good idea.

Though the primary cause of banks not being ready is the order backlogs, banks that actively work a strategy document can show a paper trail demonstrating why it’s March 15th, 2012, and they are still not compliant.

Way back a year ago, those banks who are indeed actively managing a documented strategy inserted into their 2011 IT Strategy an update to their ATMs.  The tactical plan included documentation that they would investigate cost and priority issues.  Then, throughout 2001, reports on progress showed that the advent of wireless banking, the June 2011 Supplement to the October 2005 Authentication Guidance, and budgetary issues made the already difficult task of upgrading our ATMs more difficult.  From a risk perspective, these banks could demonstrate that though they were working with their vendors, there were bigger fish to fry.

Some banks are considering the overhaul of their ATMs to be “an undue burden,” which the updated ADA would allow as an excuse for non-compliance.  For example, BB&T is taking this route because they have over 2000 ATMs to address.

If undue burden is going to be your claim, that’s fine.  But you should have documented the claim long ago, and you would still be wise to show a paper trail that demonstrates ATM upgrades were in your strategy, and that the “surprise” of other higher priority projects (such as the June 2011 Authentication Supplement) took precedence.

As far as the legal threats we’ve been hearing about . . . . . we will soon find the answer to the question:  Are ambulance-chasers becoming ATM-chasers?

——————————————-——————————————————————–————————-

Dan Hadaway CRISC, CISA, CISM
Founder and President, Infotex

——————————————-——————————————————————–————————-

“Dan’s New Leaf” is a “fun blog to inspire thought in the area of IT Governance.”

 

 

 

Latest News
    As the investigation of the SolarWinds Hack was ongoing, another hack stole some of the limelight… This is the final update on the SolarWinds hack unless a major development comes to light. You can see the previous article here: “Autopsy of the SolarWinds Hack Update“. One of the largest cyber-espionage campaigns in the history of […]
    Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]
    A Webinar-Movie infotex presents the 2021 update of a previously released webinar presented by our Lead Non-Technical Auditor, Adam Reynolds. This movie-short is intended for those who are planning to participate in an infotex Incident Response Test. Not sure about the importance of an Incident Response Test? Check out onetest.infotex.com for more information! Please let […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS INFOTEX PROMOTES BRYAN BONNELL TO DIGITAL MEDIA MANAGER infotex, the Managed Security Service Provider, announced Bryan Bonnell’s promotion from Senior Data Security Analyst to Digital Media Manager.  “He will continue his normal DSA duties on a limited basis, because we want everybody to stay in touch with […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS RYAN HENSLER OF INFOTEX, EARNS CISSP CERTIFICATE Ryan Hensler, Senior NOC Associate of infotex, Inc., recently received the CISSP certification. “Ryan has proven himself to be a seasoned security professional both in his work for infotex and now through achieving this certification.” said Sean Waugh, Information Security Officer. […]
    Dubious app store subscriptions bring in hundreds of millions of dollars in revenue… An article review. When it comes to malicious applications you’re probably familiar with things like malware and ransomware, and you have ways to avoid them.  Modern desktop and smartphone operating systems have built-in malware detection tools, and some web browsers even automatically […]
    Another Manifesto A supply-chain manifesto by the author of Never Say Never: A Password Manifesto! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . [Sssshh.  Turn out the lights.  Let’s lower our inner voices, as I have something to propose that might be a bit […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office.  
    While malware and security exploits continue to make headlines, the majority of reported security incidents involve phishing… An article review. With all the attention given recently to security incidents involving software exploits and high-profile malware attacks, it would be easy to believe that they represented the most likely incidents you may encounter in the wild.  […]
    Implementing Protective DNS could help your organization avoid attack… An article review. Noting the risks still associated with the Domain Name System (DNS), the National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released new guidance on the selection and use of a Protective DNS service (PDNS). The guidance, released in […]