Maintaining quality security scores points with regulatory inspectors, preventing common citations that can cost reputation and affect FDIC Insurance rates. Security monitoring and policy management provide a continual check for compliance.
Security monitoring covers many common concerns, including:
- “Management should establish procedures to stay abreast of patches, to test them in a segregated environment, and to install them when appropriate.” (FFIEC Operations Booklet, page 22)
- “Processes are in place to monitor for the presence of unauthorized users, devices, connections, and software.” (FFIEC Information Security Work Program, Objective II: M‐9)
- “A normal network activity baseline is established.” (FFIEC Information Security Booklet, page 77)
- “Controls are in place to restrict the use of removable media to authorized personnel.“ (FFIEC Information Security Work Program, Objective I: 4‐1)
- “Elevated privileges are monitored.” (FFIEC Information Security Booklet, page 19)
- “The institution is able to detect anomalous activities through monitoring across the environment.” (FFIEC Information Security Booklet, page 32)
Policy management prevents banks from being cited for security shortcomings, such as inadequate data flow documentation, lack of customer awareness, and inconsistent firewall auditing and verification.
onShore’s security process means that we continuously collect, correlate and analyze your network data. Through our security process, our banking clients are confident in their compliance, staying steps ahead of both unknown attacks and unexpected inspections. onShore Security will customize a policy and monitoring process to keep you compliant with any regulatory body or set of policies (including your own). We’re ready to take that first step with you.
Questions we still have:
Is insurance rate affected?
Is it FDIC insurance?
Are inspections a surprise?