security

Prevalent-Blog-Logo

In reviewing recent security incidents at several New York City banks, an article in the October 21st New York Times1 focused on an ever recurring theme – the need to closely scrutinize how well a financial institution’s vendors provide IT security to protect access to data and systems.  While the theme itself isn’t new, the article revealed that the Treasury Department is now engaged in a “sweeping effort”1 to require banks to increase their procedures for determining if vendors are adequately protecting their data and access to their systems.

(more…)

Prevalent-Blog-Logo

It’s the 21st century – your cyber-security assessments cannot afford the “one and done” approach of yesterday.

Modern information systems, comprised in large part by computer networks, contain a myriad of intertwined technologies – databases, applications, networking devices, web services and email just to name a few. All of these technologies are provided by diverse platforms at various release levels. Throw human users with varying roles and privileges into the mix and the resulting level of complexity makes an effective information security program an imposing challenge. Businesses are feeling the pressure of meeting the needs for global connectivity, e-commerce transactions, and online business-to-business communications while maintaining security programs to protect their information assets. Privileged account control, patch management, configuration management, and data backup are some of the hurdles to be cleared.

(more…)