Controls

A Simplified Approach to Vendor Management

If we had to reduce all of vendor management down to two operations, we’d suggest a strong contract policy, and a sorting process. Business Associate Agreements Simplified For those of you who are wanting to come into lightening-speed compliance with Section 164.30...
READ MORE

Authenticating Callers

The art of “out-of-wallet” questions! When somebody calls wanting information that is sensitive (such as social security numbers, account numbers, account balances, the names of applications on our network, names of personnel, etc.), we must “authenticat...
READ MORE

Strong Passwords

What is a strong password?   When designing a password, we need to keep three things in mind: First and foremost, if we use paper to write alternative passwords down, BE SURE to shred that paper, no matter how little it is! Second:  let’s remember that our goa...
READ MORE

Mobile Security White Paper: Non-technical Controls

Securing Mobile Devices Note:  Click for a pdf version of this Securing Mobile Devices White Paper. This white paper addresses the risks associated with the relatively new phenomena surrounding the introduction of corporate-owned data on Portable Devices, currently known...
READ MORE

Coming Soon: The Branchless Banking Kit!

It’s hard to believe almost a year ago Infotex set out on the path to create a new “branchless banking kit” which would include all the IT policy and procedure templates necessary to address a total re-write of the typical “E-banking Policy.” The decision to do this was ...
READ MORE

Shredding: New and Old Risks

In these days of drill-down risk assessments on new technologies and issues ranging from mobile banking to customer awareness to social media to FILs and Supplements, I’m often asked: “Since we now have to track these risk assessment triggers do we need to continue the an...
READ MORE

OCC Supports National Protect Your Identity Week

Educating Customers During the Fourth Annual Protect Your Identity Week The Office of Comptroller of the Currency (OCC) has joined the public-private coalition that supports the fourth annual Protect Your Identity Week (PYIW), an initiative of the National Foundation for...
READ MORE

Effectively Erasing Files

Before selling or discarding an old computer, or throwing away a CD or DVD, you naturally make sure that you’ve copied all of the files you need. You’ve probably also attempted to delete your personal files so that other people aren’t able to access them...
READ MORE

Manifesto: Time to Revolutionize our E-banking Policies

I’m in the midst of writing an article about Wireless Banking.  I’m actually working two articles: one about the Top Five Risks of Wireless Banking, the other a drill-down on the Compliance Risks of Wireless Banking.  In the process, I’m reviewing a few ...
READ MORE

CATEGORIES

infotex

MANAGING TECHNOLOGY RISK

Linkedin-in Facebook-f Youtube Twitter

SERVICES

EDUCATION

COMPANY

CONTACT

SIGN UP FOR OUR BLOG

As part of infotex‘s service to our clients, find “non-mainstream” articles about relevant security issues.

Facebook Youtube Twitter