Archive for 'Kits' Category
Dan has whittled all the noise to five resources a Small Business Owner should investigate (and utilize).
Smartphones and tablets may receive infrequent updates and can be difficult to manage. An article review. Your desktop receives new virus definitions and other updates on what seems like an hourly basis, but when was the last time your smartphone received an OS update? Duo Security released their 2017 Trusted Access Report recently, and it […]
The case for customer education . . . The fact is, when two customers walk into your establishment, one is probably being attacked RIGHT NOW! The results of a Microsoft study revealed in this article by Warwick Ashford of Computer Weekly, is very timely, as they come during an ongoing debate about the legal risk exposure versus the […]
Have you checked out the itinerary? Another great lineup of speakers! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Yesterday my Client said summed it up pretty well: “I can’t afford not to go!” On 11/19 and 11/20/2014 Information Security Officers from organizations all […]
Incident Response is a key to IT Governance. A good Incident Response Program will have a high-level policy, and a plan that enforces that policy by establishing goals, priorities, training, and tools.
Note: infotex plans to release a response kit for the 12/11/2013 FFIEC Guidance entitled “Social Media: Consumer Compliance Risk Management Guidance.” . . . . . a Dan’s New Leaf post . . . . . As I continue to swim neck-deep in the language and meanings and implications of the FFIEC Social Media Guidance, […]
The 12/11/2013 social media guidance has some weaknesses. The good news: the infotex response kit will be designed to address them!
In order to understand the power of the three layers of security required by the June 2011 Supplement to the FFIEC’s 2005 Guidance on Authentication in an Internet Banking Environment, it is helpful to understand just how a corporate account takeover (CAT) attack works. Nowadays, criminals can purchase applications that are designed to attack American […]
According to the Federal Financial Institutions Examination Council’s (FFIEC), a financial institution’s customer awareness and educational efforts should address both retail and commercial account holders and, at a minimum, include the following elements: An explanation of protections provided and not provided to account holders relative to electronic funds transfers under Regulation E, and a related […]
As the “compliance burden” continues to rise, we may sometimes wonder whether information security regulations are worth the effort. This is a story of how the FFIEC got it right. A Short History Lesson For many in banking, this story may appear to have started in June of 2011, when the FFIEC released what we […]