We have had a great response concerning our security awareness “poster” concerning strong passwords! We thank you for that. In fact, we have had several requests for additional ones from several people. I hope to get posters created for all your awareness concerns, but note that I don’t want to bombard you with too much information between posters and other information security news… I am afraid of landing in your spam folder!

However, the Federal Financial Institutions Examination Council (FFIEC) states in the 2006 Information Security Booklet that financial institutions should:

• Ensure an effective information security awareness program has been implemented throughout the organization.
• Financial institutions can achieve effective employee awareness and understanding through security training and ongoing security-related communications, employee certifications of compliance, self-assessments, audits, and monitoring.

In addition, specific to this awareness poster, the FFIEC states:

• Financial institutions need appropriate disposal procedures for both electronic and paper-based media.
• Policies should prohibit employees from discarding media containing sensitive information along with regular garbage to avoid accidental disclosure.

As such, to make sure you are following the FFIEC guidelines, here is our “Shred Documents Containing Nonpublic Personal Information (NPI)”
awareness reminder poster that you may distribute to your employees.