Controls

What should we focus our 2014 Audit Plan upon?

Risk Based Auditing!   I am often asked, especially at the end of a year, what should we be focusing our next audit plan upon? My answer:  Focus your auditing on testing YOUR controls that mitigate the most risk in YOUR environment.  Don’t bother testing controls which ...

A Simplified Approach to Vendor Management

If we had to reduce all of vendor management down to two operations, we’d suggest a strong contract policy, and a sorting process. Business Associate Agreements Simplified For those of you who are wanting to come into lightning-speed compliance with Section 164.308(b...

Authenticating Callers

The art of “out-of-wallet” questions! When somebody calls wanting information that is sensitive (such as social security numbers, account numbers, account balances, the names of applications on our network, names of personnel, etc.), we must “authenticate...

Strong Passwords

What is a strong password?   When designing a password, we need to keep three things in mind: First and foremost, if we use paper to write alternative passwords down, BE SURE to shred that paper, no matter how little it is! Second:  let’s remember that our goal i...

Mobile Security White Paper: Non-technical Controls

Securing Mobile Devices This white paper addresses the risks associated with the relatively new phenomenon surrounding the introduction of corporate-owned data on Portable Devices, currently known by...

IT Governance documentation is both extremely important and extremely difficult to create for IT managers, Information Security Officers, and Compliance Officers alike. infotex has been maturing GLBA and HIPAA templates since before the regulations were law. Our first Accept...

Coming Soon: The Branchless Banking Kit!

It’s hard to believe almost a year ago Infotex set out on the path to create a new “branchless banking kit” which would include all the IT policy and procedure templates necessary to address a total re-write of the typical “E-banking Policy.” The decision to do this was acc...

Shredding: New and Old Risks

In these days of drill-down risk assessments on new technologies and issues ranging from mobile banking to customer awareness to social media to FILs and Supplements, I’m often asked: “Since we now have to track these risk assessment triggers do we need to continue the annua...

OCC Supports National Protect Your Identity Week

Educating Customers During the Fourth Annual Protect Your Identity Week The Office of Comptroller of the Currency (OCC) has joined the public-private coalition that supports the fourth annual Protect Your Identity Week (PYIW), an initiative of the National Foundation for Cr...

Effectively Erasing Files

Before selling or discarding an old computer, or throwing away a CD or DVD, you naturally make sure that you’ve copied all of the files you need. You’ve probably also attempted to delete your personal files so that other people aren’t able to access them. H...