FORTIFRE - We Fortifify Your Net
HomeServicesInternal Security AuditsBank & Financial SolutionsContactPartnersClients







Banking and Financial Solutions

Gramm-Leach-Bliley and FDIC Compliance
Application Audits
Security Monitoring
Vulnerability Assessments

Issues

Regulators believes that it is incumbent upon the Boards of Directors and banks’ senior management to take steps to ensure that their institutions have reviewed and modified where necessary their existing risk management policies and processes to cover their current or planned e-banking activities.

Regulators expect risks to be recognized, addressed and managed by banking institutions in a prudent manner according to the fundamental characteristics and challenges of e-banking services. These characteristics include the unprecedented speed of change related to technological and customer service innovation, the ubiquitous and global nature of open electronic networks.

  • How do I keep up with the rapid development of e-banking capabilities AND manage the security risk?
  • What MUST senior management do to ensure security policies and procedures are adequate?

Some guidance has been defined through various organizations. Here is a short list of the primary regulations:

Gramm-Leach-Bliley - Requirements to "Protect against unauthorized access" and "anticipated threats or hazards to the security or integrity"
Title V Subtitle A Sec 501 b

FDIC - Security Monitoring and Vulnerability Assessments Requirement
FIL-67-2000

FDIC - Prevention, Detection and Response Requirements
FIL-68-99

FDIC - Risk Management of Outsourced Technology Services
FIL-81-2000

Benefits

farm9 suite of security services is focused on addressing Gramm-Leach-Bliley, FDIC and other governmental regulations

Harvester™ - Ongoing Security Monitoring
  • Protects your critical business systems with advanced 24x7 proactive security monitoring technology
  • Global monitoring using firewall, IDS, and system logs is the most effect alerting method for identifying security violations
  • Leverage huge economies of scale to deliver a high service level at a low per device cost
  • Our trained security operations staff provides 24x7 support
  • Easy and effective way to meet your security policy requirements for log review and archiving
  • Managed services flatten your costs, leading to predictable security costs
  • We escalate, track and support your IT staff until security issues are resolved
Internet Vulnerability Assessment
  • A Certification of “Adherence to Best Practices” will be issued for use with partner companies
  • Conducted off-site to closely approximate a hacker attack on your site
  • Provides information from the Internet perspective that characterizes:
    • Network monitoring effectiveness
    • Incident response procedures
    • System configuration vulnerabilities
    • System patching and configuration practices
  • Provides comprehensive test results on:
    • Detailed information on vulnerabilities and response capabilities
    • Prioritized recommendations for system modifications based on risk-level
    • Detailed configurations and security-related releases are provided for each system
On-site Security Audits
  • Conducted on-site to assess security of networks and host systems, network communications analysis, system architectural characteristics and policy/procedures practices
  • Provides comprehensive results on:
    • Detailed information on vulnerabilities and response capabilities
    • Prioritized recommendations for system modifications based on risk-level
    • Detailed configurations and security-related releases are provided for each system
Application-level assessments
  • Conducted both on and off-site for an assessment of various application processing scenarios such as:
    • Force update to other sites
    • Large buffers overflows
    • Brut force login and reset passwords
    • Account lockouts
    • Application development practices
    • Testing encryption methods and key management
  • Provides comprehensive results on:
    • Detailed information on vulnerabilities and response capabilities
    • Prioritized recommendations for system modifications based on risk-level
    • Detailed configurations and security-related releases are provided for each system
Incident Response
  • Security Breaches are a serious matter that must be managed decisively. Efficient incident handling is an economic issue that requires considerable resources. A rapid response is required to:
    • Protect your the assets and resources
    • Comply with regulatory requirements
    • Avoid legal liability
    • Prevent relay attacks against other systems
    • Minimize the potential for negative exposure
  • Provides a coordinated rapid response team committed to efficiently and expediently resolving your system breaches
    • Identification and Classification
    • Notification and Escalation
    • Containment
    • Eradication
    • Recovery and Follow-Up
    • Legal Authority Liaison
For a request of our services, please email or call us and we would be
happy to arrange a meeting and a demo at 510-782-3334 or info@fortifire.com

Careers l Events l Privacy Policy

© 2002, Fortifire.com, Inc. All Rights Reserved.