Regulations & Compliance
GLBA (Gramm-Leach-Bliley Act)
http://www.ftc.gov/privacy/privacyinitiatives/glbact.html
Description
The Financial Services Modernization Act of 1999, more commonly known by the names of its authors, Gramm-Leach-Bliley, includes provisions to protect consumers' personal financial information held by financial institutions.
Repealing the Depression-era barriers that separated banking, insurance and securities, the Act allows US financial services providers (including banks, securities firms, and insurance companies) to affiliate with each other and enter each other's markets. The legislation is intended to ensure financial institutions protect sensitive customer information that may be accessible to hackers through web-enabled environments, including Internet connectivity and hosting arrangements. The Federal Trade Commission (FTC) issued the Safeguards Rule under section 501(b), requiring financial institutions under FTC jurisdiction to secure customer records and information. The Safeguards Rule went into effect in 2003. The three main objectives of GLBA 501(b) are to:
- Ensure the security and confidentiality of customer records and information
- Protect against any anticipated threats or hazards to the security or integrity of such records
- Protect against unauthorized access or use of such records or information which could result in substantial harm or inconvenience to any customer
The Federal Financial Institutions Examination Council (FFIEC) has created an Information Security Handbook and an exhaustive set of tests to assess compliance with the Safeguards Rule, including over 20 specifically related to intrusion prevention and detection. The security process recommended by the FFIEC comprises five key areas:
1. Information security risk assessment
2. Information security strategy
3. Implementing security controls
4. Security testing
5. Monitoring and updating
Audit Body
The Federal Financial Institutions Examination Council (FFIEC), composed of examiners from many different regulatory bodies, is tasked with GLBA enforcement.
Industry Affected
Financial institutions: banks, securities firms, insurance companies
Distributed Taps & GLBA Compliance
By enabling continuous network monitoring, VSS helps to identify vulnerabilities that are most important to your company. VSS provides support in the following areas:
1. Information security risk assessment:
A greater view into the network enables better assessment and prioritization of potential risks and vulnerabilities.
2. Information security strategy and security controls:
Once your strategy has been defined, VSS helps to put your policies to work with the help of other security appliances by providing:
- A single, central point of administrative analysis and reporting
- Rapid response to potential attacks
- More consistent and easy management and enforcement of security policies and compliance requirements
- Monitoring and updating