A Report On Financial Institutions

867 WordsSep 14, 20144 Pages
Overview: Financial institutions continues to be challenged by the inherent risks that are associated to the loss of customer data through the compromise of security controls. As Information Security continues to grow, the lack of effective security controls such as authentication continues to one of the key components leading to data breaches across all industries. For this purpose, SecureKey contracted with a leading independent security governance, risk management and compliance (GRC) firm Coalfire Systems, Inc., to provide a security review of their SecureKey briidge.net Connect solution. Given that, in the age of Internet banking, recent data breaches continue to raise security awareness. Consequently, many financial institutions are relying on guidance provided by the Federal Financial Institutions Examination Council (“FFIEC”), in effort to prevent the risk of identity theft and fraudulent transactions. Our assessment of the SecureKey briidge.net Connect solution considered FFIEC requirements for authentication in an Internet Banking Environment. The objectives of our security review included: 1. An assessment of the overall design and architecture of the SecureKey briidge.net Connect solution; 2. Technical evaluations of SecureKey’s mobile and web applications’ authentication capabilities; and 3. Monitoring network traffic to confirm that fields which are configured for encryption do not appear to be transmitting clear text data. Target Audience: The
Open Document