| Your Challenge: | Cost-effectively meet FFIEC, FDIC IT-RMP, GLBA, NCUA, and PCI requirements to protect account and card-holder data and assets and maintain the integrity and availability of your institution. |
| Details about your security program and its execution, monitoring, and auditing as well as the services and contracts with third party providers are coming under increased scrutiny from both federal and state examiners who are becoming more knowledgeable about information security in general and threat and vulnerability management in particular. In addition, the card brands have now extended PCI DSS requirements to not just institutions that issue and process card transactions but to all that operate ATMs that accept branded cards. | |
| The Solution: | ActiveGuard managed services; SaaS self-service assessment; security consulting services tailored for financial regulatory compliance. |
| Assess & Measure Gaps: | Consistent objective rating methodology; prioritized and actionable recommendations; peer benchmarking; experienced certified security experts. |
| Remediate & Enhance: | Experienced certified security experts; security program, policy, and procedures design, services, tools, and process implementation. |
| Execute & Monitor: | Compliant log management, log monitoring, vulnerability management, security device management, and financial services specific offerings customized for branches and ATMs. |
| Demonstrate Compliance: | Standard and customizable reporting; secure evidence repository for all compliance related assessments, results, and reports; integrated ticketing with assignment, tracking, and journaling. |
| Compliance Activity | Solutionary Services / Capabilities | Regulatory Mapping |
| Assess compliance state; Measure gaps from regulations | SecurCompass SaaS self-assessment; Security consulting services; PCI qualified security assessors | GLBA Safeguards Rule; Financial Privacy Rule; |
| Remediate findings; Enhance security and compliance program | Security consulting services; Authorized partner consulting services; PCI qualified security assessors | GLBA Safeguards Rule; FFIEC Audit; BCP; eBanking; InfoSec examination books; FDIC IT-RMP; NCUA; PCI DSS – See PCI Compliance |
| Execute and monitor security and compliance program | ActiveGuard Log Management; ActiveGuard Log Monitoring; ActiveGuard Vulnerability Management; PCI authorized scanning vendor; ActiveGuard Security Device Management; ActiveGuard UTM for IT-RMP ActiveGuard ATM Security; Monitoring & Management | 15 of the GLBA SafeGuards Rule Requirements 25 of the FFIEC Audit, BCP, eBanking and InfoSec Book Requirements 10 of the FDIC IT-RMP Requirments 7 of the NCUA 748 Requirements PCI DSS – See PCI Compliance |
| Demonstrate compliance with regulations | ActiveGuard Evidence & Log Vault; ActiveGuard Security & Compliance Reporting | 5 of the GLBA SafeGuards Rule Requirements; 7 of the FFIEC Audit, BCP, eBanking and InfoSec Book Requirements; 1 of the FDIC IT-RMP Requirements; 1 of the NCUA 748 Requirements; PCI DSS – See PCI Compliance |
Solutionary has:
- Comprehensive knowledgeable regarding information security requirements for financial institutions
- Financial services specific offerings customized for branches and ATMs
- Proven managed and consulting services to get you compliant and keep you compliant
- A six-year history as a PCI approved scanning vendor (ASV)
- A six-year history as a qualified security assessment company (QSAC)
- Certified security experts (CISSP, CISA, CISM, GCIA, CSOA, QSA, HITRUST CSF and others)
Select from any of our GLBA, FFIEC, FDIC IT-RMP, NCUA, and PCI compliant services:
- ActiveGuard Log Monitoring & Log Management
- ActiveGuard UTM for IT-RMP
- ActiveGuard Security Monitoring & Management
- ASV Certified External Vulnerability Scans
- Internal Vulnerability Scanning
- Managed Application Assessments
- Change & Enforcement Control
- Security Device Management
- Network & Application Penetration Testing
- Onsite GLBA, FFIEC, FDIC IT-RMP, NCUA, and PCI ROC assessments and gap analysis
- SecurCompass SaaS Self-Assessment
