Financial Industry
Banks & Credit Unions
Financial Institutions are constantly being attacked by intruders from across the globe, and keeping customer and member information safe has become a daily struggle. Our Financial Institution security services are designed by finance industry security executives and engineers who understand the intricacies of managing highly secured operations.
All financial institution information systems including loan processing systems, teller platform, and core processing must adhere to Gramm-Leach-Bliley Act (GLBA), which includes the following key components:
- Identify personal data and protect it from unauthorized disclosure and loss.
- Manage entitlements that limit users' data access based on their need-to-know.
- Establish information barriers to ensure information will be restricted to its intended purposes and communicated only for its authorized purpose, by authorized persons, in authorized locations, and during authorized times.
- Prevent the export of personal information to third parties or affiliates when not explicitly approved by the customer/member.
- Enforce persistent privacy policies upon customer and member personal information when information is distributed to business partners, agents, affiliates and contractors.
Board and management have a fiduciary duty to protect their Customer’s private information. As a partner, TruShield is dedicated on helping financial institution meets this core responsibility, while complying with Gramm-Leach-Bliley Act (GLBA), National Credit Union Association (NCUA) and Federal Financial Institutions Examination Council (FFIEC) rules and regulations.
Our Financial Instituion security services
- Security Audit
- Vulnerability assessment
- Penetration test
- Managed security services
- Infrastructure design
- Other Services as-needed
Financial Institutions are required to perform regular risk assessments as part of any security program. Beyond risk assessment security procedures and information technology system should be stress-tested by independent testers to ensure that mis-configuration are discovered and corrected, and that policies are are complied with at all times..