Financial Services institutions understand that they must implement improved security controls not only to comply with specific regulations such as the Gramm-Leach-Bliley Act (GLBA), but they must also protect customer information from breaches and assure the trust among their customers.
TraceSecurity’s solution for the Financial Services sector helps you meet specific regulatory challenges from GLBA, SOX, and others. We help you demonstrate compliance to security policies, guidelines and best practices. At the same time, we help protect the personal financial information of your customers and the integrity of your data.
The Gramm-Leach Bliley Act (GLBA) data protection requirements mandate that financial institutions protect the security and confidentiality of customers' non-public personal information and institute appropriate administrative, technical, and physical safeguards to accomplish this requirement. GLBA also requires covered institutions to protect against any anticipated threats or hazards to the security or integrity of customer records; and to protect against unauthorized access to or use of records or information which could result in substantial harm or inconvenience to any customer.
Many institutions that are not commonly thought of as financial in nature are covered by GLBA requirements, such as insurance companies, tax prepares, colleges and universities, financial planners and others.
In defining and implementing an information security program, covered institutions must develop a risk-based information security program that includes involvement of the board and senior management, a risk assessment of threats and vulnerabilities, effective risk management and controls, training, testing, vendor oversight, monitoring and adjusting, and board reporting.
Many institutions that are not commonly thought of as financial in nature are covered by GLBA requirements, such as insurance companies, tax prepares, colleges and universities, financial planners and others.
In defining and implementing an information security program, covered institutions must develop a risk-based information security program that includes involvement of the board and senior management, a risk assessment of threats and vulnerabilities, effective risk management and controls, training, testing, vendor oversight, monitoring and adjusting, and board reporting.
