About Us | Contact Us
View Cart
Archive for 'Kits' Category

Get Ready to Respond to the Social Media Guidance!

By Dan Hadaway - Last updated: Wednesday, February 12, 2014

The 12/11/2013 social media guidance has some weaknesses. The good news: the infotex response kit will be designed to address them!


The Anatomy of a CAT Attack

By Dan Hadaway - Last updated: Tuesday, August 27, 2013

In order to understand the power of the three layers of security required by the June 2011 Supplement to the FFIEC’s 2005 Guidance on Authentication in an Internet Banking Environment, it is helpful to understand just how a corporate account takeover (CAT) attack works. Nowadays, criminals can purchase applications that are designed to attack American […]


What customers need to be told

By Dan Hadaway - Last updated: Tuesday, August 27, 2013

According to the Federal Financial Institutions Examination Council’s (FFIEC), a financial institution’s customer awareness and educational efforts should address both retail and commercial account holders and, at a minimum, include the following elements: An explanation of protections provided and not provided to account holders relative to electronic funds transfers under Regulation E, and a related […]


Corporate Account Takeovers: Where Compliance Pays

By Dan Hadaway - Last updated: Monday, August 26, 2013

As the “compliance burden” continues to rise, we may sometimes wonder whether information security regulations are worth the effort.  This is a story of how the FFIEC got it right. A Short History Lesson For many in banking, this story may appear to have started in June of 2011, when the FFIEC released what we […]


Social Media Guidance Kit

By Dan Hadaway - Last updated: Tuesday, February 19, 2013

Coming Soon! Sorry, we’re still reviewing the kit.  The guidance has a lot of detail, and we’re wanting to be sure we get it right. Social Media Guidance Kit Current estimated release date:  03/21/14 with the Indiana Banker’s Association Workshop. If you’d like to be informed when we have finished development, feel free to email […]


SSAE-16 Review Checklist

By Vigilize - Last updated: Tuesday, January 22, 2013

Quick and Easy Due Diligence Checklist! Our most popular tool! What should you look for when you review a SOC2 report? What if you get a SOC1 or SOC3 instead?  What type of paper trail should you leave, demonstrating an adequate review?  How do you track that all appropriate stakeholders have processed their part of […]


Technical BYOD Controls for Banks

By Dan Hadaway - Last updated: Thursday, September 13, 2012

Dan and Sean expanded a research report for a Client to benefit us all! This article includes a comparison of MDM vendors as well as advice in developing technical controls for portable devices!


Survey Confirms BYOD Continues to Present Serious Threat

By Vigilize - Last updated: Thursday, August 16, 2012

Just when you think progress is being made in educating employees about BYOD security vulnerabilities, another survey releases results like this: In a 400 person survey of office workers, 47% said they do not use a password on their mobile phone.


Bust Exposes PCI Challenges

By Vigilize - Last updated: Monday, July 9, 2012

Experts say that the international takedown that resulted in 24 arrests for credit card fraud illustrates problems inherent in the Payment Card Industry Data Security Standard (PCI DSS).


A Cure for BYOD?

By Vigilize - Last updated: Friday, June 29, 2012

Using mobile devices in the workforce has grown in popularity. However, some organizations haven’t jumped to purchasing those devices. Some employees, either out of need or convenience, have used an alternate route in that they bring their own device (BYOD) to work. This brings up some security concerns. To address this, AT&T says it has the answer for corporations that want to let employees access work applications from personal phones without becoming a security threat.