Overview

We focus our bank solutions on the security regulations administered by the various federal and state regulatory agencies. Banking regulatory policy requires the bank to have a comprehensive security policy that outlines proactive and ongoing programs aimed at:

1. Prevention
2. Detection
3. Response

Electronic banking is a way of life for most financial institutions and for rapidly growing numbers of consumers. The opportunities associated with online banking pose significant risks to an insured Bank.

To insure adequate privacy protection and information technology security for institutions and consumers, federal agencies that regulate banking and financial institutions cooperated in developing Safety and Soundness Examination Procedures for electronic banking to be used by agency examiners in auditing banking operations. The Gramm-Leach-Bliley (GLB) Act of 1999 added supplementary requirements aimed at safeguarding customer information. In turn, the banking regulatory agencies levied specific requirements as a result of the GLB Act. The Act requires that banks inform customers about their privacy policies and give them a choice regarding when that data may be shared with third parties.

In addition to establishing a set of Privacy Rules to implement the privacy provisions, Congress also directed the establishment of the Privacy Guidelines, "appropriate standards - relating to administrative, technical and physical safeguards" to:

1. Insure the security and confidentiality of customer records and information
2. Protect against any anticipated threats or hazards to the security or integrity of such
   records and information
3. Protect against unauthorized access to or use of such records or information, which
   could result in substantial harm or inconvenience to any customer.

Like the Privacy Rules, the Privacy Guidelines must be implemented. Pivot Group is dedicated to protecting today's banks from the multitude of current and emerging security threats and has developed a GLB compliance offering that incorporates analysis and implementation of the following elements:

• Restricting access to information to only authorized individuals (both internally
  and externally)
• Restricting access to physical locations where information is stored
• Encryption of electronic information
• Procedures to insure coordination of all security efforts
• Dual control procedures (meaning two people acting together to access information)
• Background checks for employees with access to customer information
• Maintaining systems that detect actual and attempted intrusions into customer
  information
• Response programs for suspected unauthorized access
• Protection against loss or damage to information by environmental causes

Pivot Group's solutions and look, plan, act, repeat methodology logically manage the many complex issues relating to an effective security strategy for banks.  Contact us today to discuss your current situation and industry requirements.

Using Pivot Group to Assist with Information Security for Banks

• Security Strategy
• Risk Assessments
• Security Audits
• GLB Compliance
• FFIEC Guidelines Compliance
• Data Policy and Protection
• Policy Development & Implementation
• Training
• Technology Recommendations and Deployment
• State & Federal Audit Preparation
• Board of Directors Monitoring and Auditing Programs

For a printer-friendly version of the above information, please click here.

For more information about Information Security and Banks, please refer to our Resource Guide.