Blog

Recently the Ponemom Insitute released its’ latest research on “Benchmarking Information Security Efficiency” Their goal was to help organizations determine the “most operationally efficient route to their desired security posture.” I’d hope that their desire would be continuous compliance. The research showed five key areas that affected security efficiency:

Defending your data from threats is a number one concern. Technology is fluid, but planning properly will help your company get the best protection for the present and for future growth. These six best practices will help you maintain data security in your business setting.

(more…)

Love this email (pic below) that went out to a new client today. It’s the little things that add up to a lot in the exceptional experience we want to give our clients.

An interesting article in Wired drew my attention to this post on the Internet Crime Complaint Center (IC3) website. Here’s the Cliff Notes version: Bad people put malware consisting of remote control software and key loggers on a targeted business user’s computer. They gather ID’s and passwords and other authentication data. The bad people then use the backdoor into the customers machine to initiate wire transfers and ACH transactions to (here’s that new buzz word) Money Mules who have been duped into “work at home” schemes and are tasked with transferring funds received to the offshore accounts of the aforementioned bad people.

Unfortunately we’ve seen this before. In fact, the only forms of fraud or security breaches we’ve seen has been with this sort of activity where the end user’s machine has been compromised and used to initiate wire transfer or ACH originations. Equally as unfortunate, the recommendation from the IC3 and guidance from federal and state regulators leave a huge gap that makes financial institutions and their customers vulnerable.

Cleaning out some old files on my Macbook I came across some customer service notes from my days @XYZ bank (XYZ=Small/Mid size bank). These suggestions were submitted by Information Technology, Proof (Item Processing) and New Account users. I reduced the list to include the most common we see in our daily interactions with banks.

It seems like we say it at least every other week, “The only fraud we’ve seen for online banking has been compromises at commercial customer sites.” And is evidenced by two breaches of high profile banks out of Dallas over the past month.

Recently I stumbled on the Aberdeen Group’s report on “Beyond Demonstrating Compliance: The Reinvention of Internal Audit” and had no choice but to read the complete report. What a wealth of information and a must read for an organization that insists on Continuous Compliance for their customers and stakeholders. According to the report top performers achieve a “6.9% decrease in average time to issue an internal audit report, a 5.6% decrease in the average total cost per audit completed, a 7.4% increase in the number of automated control and a 1.2% decrease in the number of audit deficiencies. “ Just think; these numbers directly impact your bottom-line.