If you are a financial institution, you are required by law to comply with the Gramm-Leach-Bliley Act (GLBA) and maintain proper security controls to protect consumer financial privacy.
The Gramm-Leach-Bliley Act (GLBA) is also known as the Financial Services Modernization Act of 1999. The Gramm-Leach-Bliley Act allowed commercial banks, investment banks, securities firms and insurance companies to consolidate into a combined industry known as the “financial services” industry. Financial institutions must put in place a policy to protect consumer information from foreseeable threats to security and data integrity, and must scrutinize how they manage private data by performing risk analysis on their current processes. Noncompliance can lead to fines of up to $100,000 per violation and imprisonment.
Intersec Worldwide has been helping financial institutions meet their business objectives and compliance requirements under GLBA for years. Our top-down, comprehensive methodology includes the utilization of business systems that assess IT-related risks to the organization, all business partners, and customers.
We further ensure that organizations meet and achieve the following goals:
- Availability–Consistent system uptime and availability ensure users have prompt access to information.
- Integrity of Data or Systems–Ensuring that systems are free from unauthorized manipulation that can compromise the accuracy, completeness, and reliability of data.
- Confidentiality of Data or Systems–Protecting customer information and guarding against unauthorized access, use, or distribution of confidential data.
- Accountability–Clear record keeping and tracking to ensure you know who has accessed what data, when, and where. Accountability directly supports non-repudiation, deterrence, intrusion prevention, security monitoring, recovery, and legal admissibility of records.
- Assurance–A system of checks and balances to ensure that technical and operational security measures work as intended. Assurance levels are part of the system design and include availability, integrity, confidentiality, and accountability. Assurance highlights the notion that secure systems provide the intended functionality while preventing undesired actions.
- Non-repudiation–The combination of integrity and accountability is non-repudiation. Non-repudiation occurs when the financial institution demonstrates that the originators who initiated the transaction are who they say they are, the recipient is the intended party, and no changes occurred during transit or storage. Non-repudiation can reduce fraud and promote the legal enforceability of electronic agreements and transactions.
Learn what this means for you. Let us be your experts on GLBA compliance.