Andrew Miller is a freelance writer specializing in financial services and information technology. He holds an MBA from Columbia University and a Master's in computer science from Rensselaer Polytechnic Institute. He has held jobs at CMP Media, MetLife, and Gartner.
Voice verification is a form of biometrics that involves using voice prints and recognition of the user's phone, a combination known as a voice token. It is regarded as a next-generation authentication technology.
The more-advanced voice recognition systems record and store combinations of sounds and notes. For...
The need to store and manage mushrooming quantities of unstructured content such as e-mails, instant messages, voice messages, and images is a major pain point for financial institutions of all sizes. An estimated 60 billion e-mails are sent across the globe each day and almost 80% of companies accept e-mail as...
Banking via telephone and wireless mobile devices has become an important delivery channel for financial institutions. As with Internet banking, telephones and wireless devices afford great convenience for bank customers, but unfortunately they too are prone to phishing and other forms of attack.
The Federal...
With the deadline passed for compliance with the Federal Financial Institutions Examination Council (FFIEC) guidelines, financial institutions are seeking cost-effective strategies that meet or exceed meeting regulatory and customer expectations.
According to the FFIEC, any system that permits the movement of...
Writing effective information security policy is more than just laying down a set of rules and procedures; it's a process unto itself, whose goal is to create a dynamic instrument that will protect a financial institution's most precious asset - information.
Fortunately, resources exist to assist chief information...
Financial institutions can expect increased scrutiny on information security policies in 2007 as regulators devise new oversight standards.
In December, the Public Company Accounting Oversight Board (PCAOB), which establishes rules for compliance with Sarbanes-Oxley, proposed a new standard for Sarbox section...
In December, a milestone of sorts was reached when Boeing Co. disclosed that a laptop containing names, SSNs, home addresses, phone numbers and dates of birth of 382,000 current and former employees had been stolen from an employee's car.
The theft pushed the number of records compromised due to security breaches...
Financial institutions are subject to a slew of laws and regulations aimed at information security. There's Gramm-Leach-Bliley (privacy), Federal Financial Institutions Examination Council (authentication and online banking), and Payment Card Industry (card security). There's also California's and other states' data...
With the December deadline approaching for implementing better authentication for online banking systems, financial institutions are hard-pressed to come up with technology solutions that will satisfy regulators. It's going to be a race to the finish line to meet the deadline set by the Federal Financial Institutions...
The Gramm-Leach-Bliley Act (GLBA) contains a rule, known as the Safeguard Rule, under which the Federal Trade Commission and other federal agencies have established standards for financial institutions relating to administrative, technical, and physical safeguards for customer information. The objectives are to ensure...
Visa is mounting a full-scale blitz to encourage merchants to use payment software that doesn't compromise consumer passwords. The card company has asked merchants to ensure that the software they use to process card transactions doesn't store the full contents of "track data", which contains passwords and other...
EMC Corp.'s recent acquisition of RSA Inc. underscores the convergence of information security and storage. EMC, which sells large storage systems for use in corporate data centers, bought RSA - a manufacturer of encryption software and devices - to provide it with identity and access management technologies and...
Last October, the Federal Financial Institutions Examination Council (FFIEC) issued guidelines to financial institutions stating that single-factor authentication was inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties. While financial institutions...
In deciding to retain a managed security service provider, an organization needs to treat the potential action as a risk mitigation sharing decision. When weighing the risks, banks need to consider issues such as trust, dependence, and ownership.
Establishing a good working relationship and building trust between a...
As the threat of computer-initiated attacks increases, and as regulators put more pressure on banks to shore up their information assets, financial institutions are turning toward outsourcing their information security functions to third party processors. These outsourcing deals, which are often part of a larger IT...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.