The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act, is a comprehensive, federal law affecting financial institutions and companies offering financial services. A component of GLBA requires financial institutions including banks, insurance companies, and security firms to be GLBA compliant by developing, implementing, and maintaining administrative, technical, and physical safeguards to protect the security, integrity, and confidentiality of customer information. GLBA is composed of several parts – 16 CFR 313 outlines the Privacy Rule and 16 CFR 314 outlines the Safeguards Rule. The Safeguards Rule requires organizations to create a written information security plan after giving careful consideration to how they are protecting sensitive/private client personal information by conducting a risk analysis on their current processes.
Regulations require financial institutions to employ an integrated security strategy that establishes perimeter security as well as security inside the network and among all databases, applications, and end-point devices such as personal computers, laptops, wired and wireless devices, etc. A Proactive security approach must be adopted to ensure your devices adapt in real-time to ever-changing vulnerabilities, risks and new security threats.
According to the FFIEC Handbook, financial organizations must secure access to their computer networks and data through the use of adequate access controls to protect against unauthorized access. Due to staff limitations, many financial institutions struggle to meet and maintain the requirements of full compliance with GLBA.
Loricca understands the financial industry and what is required for compliance. Our services include a baseline assessment, which is the first step in identifying and closing security gaps to ensuring compliance. Security threats continuously change. Many businesses question whether their systems are up to the challenge. To help our clients evaluate the security of the information stored within in their environments, Loricca offers a full range of assessment services.
To understand your organization’s current risk and to identify any gaps in compliance you may need to address, please contact us today to learn more.