5 Essential Elements in an FFIEC Compliance Program

649 views
507 views

Published on

Top Patch delivers information security products to reduce risk, increase data security and ensure compliance. TopPatch's Remediation Vault™ is the industry’s first peer-to-peer patch distribution product. Even with existing patch management solutions, Remediation Vault ensures completeness, coverage and speed so that vulnerabilities are patched before hackers can exploit them. With Remediation Vault, the vulnerabilities in the software installed on Unix, Linux, BSD, OSX and Window’s operating systems are up to date with the newest security patches.

TopPatch services include HIPAA/HITECH compliance management, PCI compliance management, intrusion detection/prevention systems, forensics, end-to-end data privacy compliance management, vulnerability assessment and management, log monitoring and management, FFIEC, GLBA, NCUA, NERC, and SOX compliance.

Published in: Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
649
On SlideShare
0
From Embeds
0
Number of Embeds
12
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • 5 Essential Elements in an FFIEC Compliance Program

    1. 1. 5 ESSENTIAL ELEMENTS IN ANFFIEC COMPLIANCE PROGRAM
    2. 2. Top Patch delivers information security products that reduce risk, increase data security and ensure compliance. • Remediation Vault™: first peer-to- peer patch distribution product. • Vulnerabilities patched before hackers can exploit them. • Unix, Linux, BSD, OSX and Windows OS protected with newest security patches. www.toppatch.com Email: alex@toppatch.com • Twitter: @toppatch©TopPatch • All Rights Reserved 349 Fifth Avenue, New York NY 10016, (646)
    3. 3. 5 Essential Elements of an FFIEC Compliance ProgramOverview • Uniform standards and principles • FRB, FDIC, NCUA, OCC, CFPB • Harmonized, uniformed reporting systems for federally-supervised financial institutions and subsidiaries. • Can financial institutions outsource services to the cloud? • Lack of guidance • FFIEC-certified assessors
    4. 4. 5 Essential Elements of an FFIEC Compliance Program• FFIEC will check: 1) Information security • Incident response plan: documented and tested • User security training • Controls tested on regular basis
    5. 5. 5 Essential Elements of an FFIEC Compliance Program• FFIEC will check: 2) Your network • Security of information network. • Network devices and firewalls and configuration. • How you allow remote access, whether it is secure. • Whether network devices are implemented according to best practices.
    6. 6. 5 Essential Elements of an FFIEC Compliance Program• FFIEC will check: 3) Physical security • Which parties are allowed to access your data center. • Whether critical infrastructure is well- protected from fires.
    7. 7. 5 Essential Elements of an FFIEC Compliance Program• FFIEC will check: 4) Service provider oversight • Whether you trust service providers with sensitive information. • Whether due diligence was conducted on critical vendors: • Who directly impact business operations? • Who has access to sensitive information?
    8. 8. 5 Essential Elements of an FFIEC Compliance Program• FFIEC will check: 5) Systems • Whether workstations and servers are securely configured. • Ability of users to override security configurations on their workstations. • Ability of users to install harmful software. • Presence of applications within network that are vulnerable to remote attacks.
    9. 9. Top Patch delivers information security products that reduce risk, increase data security and ensure compliance Request a free trial of the Remediation Vault for Best-In-Class Patch ManagementAlexEmail: alex@toppatch.com(646) 664-4265349 Fifth Avenue, New York, NY 10016www.toppatch.comTwitter: @toppatch

    ×