How well do U.S. credit unions conform to the FFIEC Authentication Guidance? An NCUA official discusses the state of conformance and what its examiners have learned from institutions.
The draft guidelines recommend developing system threat models, instituting a mobile-device security policy, implementing and testing a prototype of the mobile-device solution and securing a device before allowing user access.
In a tribute, we remember Terrell Herzig, information security officer at UAB Health System, an innovator who was passionate about sharing best practices for protecting sensitive information.
How are banks addressing mobile security risks? Bank of America's Keith Gordon says most are just beginning to forge ahead in the mobile space, and new security gaps are areas for which institutions have to prepare, proactively.
Some organizations are focusing so much attention on the bring-your-own-device trend and on implementing a mobile device management system that they're neglecting mobile app security issues, says security expert Jeff Williams.
Howard Schmidt takes exception with aspects of our blog that addresses his position in the White House hierarchy and relationship with agencies' chief information security officers. Here's his response.
Restaurant chain Penn Station's transparent response to a card breach that hit 65 of its locations provides an example of the right way to handle post-breach communications.
Consumers want more control when it comes to ensuring security during mobile banking. But most financial institutions have been reluctant to give end-users too much control. Why? Javelin's Jim Van Dyke offers some answers.
Mobile security threats can be managed through testing and strategic risk-mitigation strategies, says Keith Gordon, who oversees authentication and security strategies for Bank of America's consumer online and mobile banking units.
Why did hackers target the federal Thrift Savings Plan? Details from the FBI and the TSP have been sketchy, and Sen. Susan Collins is demanding more information - including the reasons behind the delayed notification.
Many organizations aren't devoting enough resources to ensure that applications for mobile devices are secure, says security expert Jeff Williams. He offers five tips for adequately addressing mobile application security.
The Obama Administration has unveiled a "digital government" strategy that requires federal agencies to launch new mobile applications. The strategy calls for standardized implementation of privacy controls.
How are banking institutions addressing mobile security risks and authentication challenges? Paul Smocer of BITS says some of the proactive steps banks are taking might surprise you.
From mobile and the cloud to DDoS attacks and risks surrounding big data, what should banks and credit unions do now to mitigate exposure? Gartner's Anton Chuvakin offers his top recommendations.
Do banks and credit unions use all the data they collect? One credit reporting bureau says they could be doing more with their data to track and prevent fraud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.