Jay Butler, Manager of Client Implementations
Documents that users scan directly to email may not be secure because the multifunction printers (MFPs) used to send them transmit email in clear text by default. Clear text email could be intercepted by unintended parties, resulting in the potential exposure of private information. Regulatory compliance and good conscience dictate that sensitive, private information must be protected, so applicable email messages require encryption.
Brian Brannon, Director of R&D
Anyone who has ever used a cloud-based storage service such as Dropbox or Box understands the usefulness and convenience that these types of solutions provide. On the other hand, anyone who has ever dealt with data leakage can also identify with the potential problems and risks of these types of solutions. The new conveniences that services such as Dropbox and Box provide also present new hurdles that Information Security Officers must overcome.
Niki Neese, VP Account Management
As I have discussed in our previous newsletters, we have incorporated a compliance topic into the Quarterly Self-Assessment (QSA) that we perform with your financial institution; the main objective being to present you with information on the latest compliance trends that we see throughout our client base. Our goal this year is to incorporate topics that address the latest IT trends, goals and challenges for financial institutions and give you the tools, resources, and recommended solutions to help meet these common challenges.
Marshall Jones, Director of Managed Services Development
While NetComply does a lot for your network automatically (patch management, AV, and machine inventory just to name a few), it does require some maintenance to make sure your network and reports are in tip-top shape. Here are a few of my recommendations for making sure both NetComply and your network are running optimally.
Verify all machines are in NetComply: This is the most important step! If a machine is not in NetComply, it is almost certainly not being managed at all. This means that it is completely vulnerable since it is not getting patches, and may not have an AV product on it. The easiest way to verify that all your machines are in NetComply is to do a count of your machines and then check to make sure that matches the total number of devices in NetComply. If the numbers don’t match, use NetComply to help you find the missing machines. One trick is to show the Last Logged in User on the Agent Status page under the Agent tab and look for any missing users. Another trick is to sort by IP Address on the same page to separate your branches; this way you can verify your counts at each branch. If you’re missing either of these columns (IP Address or Last Logged in User), hit the Select Columns button to add these fields.
Tom Hinkel, Director of Compliance
NetComply IT systems reports, combined with a self-assessment environment where the reports can be reviewed and documented (like the IT Committee), form the basis of a very powerful toolset for achieving higher URSIT scores. The URSIT (Uniform Rating System for Information Technology) ratings have been used by federal examiners for all IT examinations of financial institutions as well as technology service providers since 1978. They were revised in 1999 to bring them more in line with the CAMELS ratings. Similar to CAMELS, they also use a 5-point scale, with 1 being the highest or best score, and 5 being the lowest or worst. Most institutions want to score either a “1” or a “2”, as anything below that brings additional regulatory scrutiny.
Jamie Davis, VP, Education, Product Management, and Quality Control
Managing 20,000 machines on a daily basis has its benefits and challenges. Due to this quantity of machines, Safe Systems is often one of the first to know if an update from Microsoft, a core vendor, etc. has had an unexpected negative consequence on machines or other software. This large quantity also gives us a unique view into the patch status, vulnerabilities, and virus status of our financial institutions as a whole. Keeping such a wide range of hardware and software secure while running at optimal performance with little interference is a goal we strive to attain on a daily basis. Addressing vulnerabilities on so many devices can be a challenging task. Even a fix on 99 machines can have devastating effects on 1 machine at any given time.