BankInfoSecurity.com RSS Syndication

New Study: Unstructured Data Poses Huge Risk to Financial Institutions

It could be the draft of an important document that sits on the desktop of an employee's computer, or it could be the excel spreadsheet with sensitive information that an employee took home to work on, then copied onto their home PC. Documents such as these are hiding out in a financial institution as "unstructured data" and may pose a security problem -- including the potential for data breaches if not handled properly.

A new research report, "Survey on the Governance of Unstructured Data" by the Ponemon Institute, shows the need for financial institution to control access to unstructured company data. This term refers to electronic information such as spreadsheets, documents, presentations, multi-media files, blueprints or any data stored and accessed on file servers and Network Attached Storage (NAS) devices.

GLBA Report Card: Regulators Assess Institutions' Compliance

Vendor Management, Business Continuity Need More Attention
It's been seven years since the Gramm-Leach-Bliley Act (GLBA) regulations first came to financial institutions and the interagency guidance was issued by the FFIEC. How far have banks come in meeting it, especially where GLBA 501(b) is concerned?

We asked banking regulators for their insight on what progress has been made, some of the common mistakes they see in examinations and the more commonly asked questions they hear about GLBA.

Beyond IndyMac: It's a Crisis of Confidence

With Banks in Question, Focus Turns to Maintaining Compliance and Customer Trust
Last Friday, IndyMac became another financial institution to fail this year because of the credit crisis.

Taken over by federal banking regulators, IndyMac, a Pasadena, California-based mortgage lender with $32 billion in assets, was the largest thrift on record to fail and the third largest bank failure in history.

IndyMac's takeover is only one of the symptoms of the tightening credit conditions that have been building at financial institutions since last summer. And yet, while institutions struggle with the credit crunch, they can't lose sight of security and regulatory compliance. "We simply cannot take our eyes off compliance while we address safety and soundness," said Comptroller of the Currency John C. Dugan.

OCC Allows National Bank Offices Affected by Hurricane Dolly to Close

The Office of the Comptroller of the Currency today issued a proclamation allowing national bank offices affected by Hurricane Dolly to close at their discretion.

In issuing the proclamation, Jennifer Kelly, Senior Deputy Comptroller for Mid-Size/Community Bank Supervision, said she expects that only those bank offices directly affected by the hurricane will close. Those offices should make every effort to reopen as quickly as possible to address the banking needs of their customers, she added.

FinCEN Announces Details on Intended Retirement of BSA Magnetic Media Filing Program

In keeping with its efforts to make Bank Secrecy Act (BSA) filing requirements more secure, efficient, and effective, the Financial Crimes Enforcement Network (FinCEN) today announced its intention to retire the BSA Magnetic Media Filing Program. Current Magnetic Media filers must transition to BSA Electronic Filing (E-Filing) no later than December 31, 2008.

OTS Director Reich Cites Keys to Restoring Consumer Confidence

Office of Thrift Supervision (OTS) Director John Reich cited three keys today to restoring the confidence of consumers and investors in the financial services industry.

In a speech at the Summer Meeting of the American Bankers Association, Reich said recent news reports about health problems of financial institutions have shaken the public confidence essential to the industry.

OTS Closes IndyMac Bank and Transfers Operations to FDIC

The Office of Thrift Supervision (OTS) today closed the $32 billion IndyMac Bank, headquartered in Pasadena, California, and transferred operations to the Federal Deposit Insurance Corporation (FDIC).

A successor institution, IndyMac Federal Bank, FSB, will open for business on Monday and be run by the FDIC. Depositors will have no access to banking services online and by telephone this weekend, but will continue to have access to their funds this weekend by ATM, through other debit card transactions and by writing checks. Online banking and phone banking services will be available again on Monday.

Business Continuity Risk Assessment & Resource Allocation

Having an institution-wide Business Continuity (Disaster Recovery) Plan is a regulatory requirement for every form of financial institution. Your institution's BCP creates the foundation for your prevention and recovery efforts for both "traditional" and "non-traditional" disasters, including a pandemic. What institutions often overlook are the issues relating to resource allocation -- the necessary "people, places and things" that are identified during the risk assessment process. The institution must maintain realistic and practical solutions to resolving the critical resource allocation issues that are likely to impact the institution, including:

People: Employees, insiders, institution-affiliated parties (and their families), customers, vendors and third-party service providers
Places: Facilities that the institution owns, manages, maintains, leases or controls
Things: Assets, equipment, supplies, records and documents

Register for this session to learn disaster prevention and business recovery strategies, planning techniques and action tactics that you can use to create or modify your institution-wide Business Continuity Plan. You will also learn how to identify the real sources of loss exposure within your institution during a disaster; the obvious and not-so-obvious methods for using your institution's resources effectively -- before and during any type of disaster; and the most successful methods for reinstalling all of your institution's components in the shortest amount of time.

Among the topics to be discussed:

How Does A Disaster Plan Differ From A Pandemic Plan?
What Resource Allocation Issues Should The Business Continuity Plan Address?
Your Institution's Business Continuity Scenario Test
Business Continuity Planning & Implementation Guidelines
Hypothetical Disasters: Could These Happen To You?

GLBA Compliance: Trends to Watch, Traps to Avoid

Gramm-Leach-Bliley - it's at the heart of every financial institution's security program. In this exclusive interview, Nathan Johns, formerly of the FDIC, discusses current GLBA compliance trends, including:

Where institutions are most challenged to meet compliance;

Where they are seeing successes;

Vendor management;

How a risk-based approach helps to maximize scant resources.

Banking Regulators on Identity Theft Red Flags Rule Compliance

Excerpt of a Q&A with William Henley of OTS and Jeff Kopchik of FDIC

In conjunction with the recent Identity Theft Red Flags Rule Roundtable webinar, we conducted an interview session with William Henley of OTS and Jeff Kopchik of FDIC. Topics ranged from:

What should institutions expect on Nov. 1?
What have been the biggest compliance challenges?
What should institutions pay most attention to re: Identity Theft Red Flags?

This is an excerpt of that Q&A session. To hear the entire dialogue, please register for the Identity Theft Red Flags Rule webinar, which also features practitioners' perspectives on compliance, as well as our own new survey results on where banking institutions stand in their efforts to meet the Nov. 1 compliance deadline.

CISO Interviews: Roger Batsel, Republic Bank, on Business Continuity/Disaster Recovery

How to Put the "Business" back into Business Continuity Planning

Planning for disaster - whether a simple service disruption or a pandemic event - is paramount to any financial institution. But where does the responsibility fall?

Roger Batsel, SVP, Managing Director of Information Systems at Republic Bank, Louisville, KY., says it's time to separate duties: let IT handle system outages and put business continuity planning in the hands of the business folks.

In this exclusive interview, Batsel discusses the positive impact this novel approach has had on his bank.