Technology

Time: The Hidden Risks -- How to Create Compliant Time Practices
Time: The Hidden Risks -- How to Create Compliant Time Practices
Is your organization vulnerable to a security breach or regulatory action because of its inaccurate time-setting practices?

Too often we take time for granted. Yet, it's critical to securing our operations and validating the integrity of our data - especially in the event of a security breach or a legal action. Register for this session to learn:

  • The greatest regulatory and legal risks re: time;
  • Where to find your greatest exposures;
  • How to establish a compliant, accurate time-setting practice.


Background

Your organization's time-keeping practices are essential for the creation and maintenance of accurate, compliant and provable electronic data. If the timestamps in your data records are not reliable:

  • Your transaction processing applications will fail;
  • Forensics and audit log management will become a nightmare;
  • You may run afoul of regulatory and industry requirements; and
  • Courts may reject your electronic data as inadmissible.

Time is a major component in complying with the Payment Card Data Security Standard ("PCI DSS") as well as the Financial Industry Regulatory Authority Order Trail Audit System ("FINRA OATS").

Time also plays a major role in addressing the FFIEC's objectives for the integrity of data and accountability ("FFIEC Information Security Examination Handbook," p.6).

Yet for all time's importance, we understand little of how our systems actually generate and maintain time and the significant deficiencies in most time practices.

For example, as a compliance officer, would you accept a critical business process that was supported by a third party that refused to be audited or enter into a service level agreement?

- What if there was no way to even verify the identity of the third party that provided the critical support?

- What if one of your critical systems accepted input from several company locations and external partners across multiple time zones and it was practically impossible to determine the actual time of day on the various time stamps?

- What if one of your systems was dependent on a single source for critical data and no automatic failover process or backup strategy existed?

Most people would be surprised to learn that these problems are common in the vast majority of businesses with respect to how they manage time.

This webinar provides an introduction to how digital time is communicated and maintained in electronic commerce, the various sources for time and the significant vulnerabilities in the existing time practices used in most companies. The presentation will give you detailed recommendations for how to address these vulnerabilities and the basic components for a compliant time-keeping practice.



Around the Network