Security Management Solutions
Security Management Solutions
Overview | Management | Board & Investors | Careers | Contact Us
Overview | NerveCenter | InfoCenter | ThreatCenter | LogCenter | InfoCenter on IBM BladeCenter
Overview | Compliance Solutions | Security Management Solutions | Network Management Solutions
Overview | Professional Services | Education & Training | Customer Support
Overview | Case Studies
Overview | Premier Partners | Strategic Partners | Technology Partners
Press Releases | Articles & News | Tradeshows & Exhibits
Security Information Management & Security Event Management

GLBA Compliance


The Gramm Leach Bliley Act (GLBA) is a comprehensive law requiring financial institutions to protect the security, integrity, and confidentiality of consumer information. Historically, financial institutions have been more security conscious than other industries, but GLBA requires a higher level of security awareness and understanding.
 
GLBA affects an extremely wide range of organizations including banking institutions, insurance companies, securities firms, tax preparers, and credit card companies. As of July 2002, all federally insured financial institutions must demonstrate enterprise-wide compliance and regulatory agencies will examine for full compliance on an ongoing basis.
 
Depending upon the financial institutions’ supervisory authority, GLBA compliance audits are conducted by the Office of the Comptroller of the Currency (OCC), the Federal Reserve Systems (Fed), the Federal Deposit Insurance Corporation (FDIC), or the Office of Thrift Supervision (OTS). Covered institutions must develop a risk-based information security program that includes the involvement of the board and senior management, a risk assessment of threats and vulnerabilities, effective risk management and controls, monitoring and adjusting, and board reporting.
 
As a result, security information and event management (SIEM) plays a vital role in GLBA.
 
GLBA underscores OpenService’s audit, alerting, and reporting capabilities. By collecting and protecting all the data now, you will be ready for your next audit.
 
To address the requirements of GLBA, companies must be able to address the following objectives:
  		•  Access Control monitors attempts to access anything on a company’s systems including files, directories, database records, or applications.
  		• Configuration Control monitors the configuration, policies, and software installed on systems covered by a particular compliance regulation and all systems with access to the monitored system.
  		• Malicious Software Detection capabilities collect and report malicious activities caused by viruses or other malicious code.
  		• Policy Enforcement verifies that all users are complying with regulations to reduce the chance of accidental exposure of sensitive information to unauthorized users.
  		• User Monitoring and Management creates a complete audit of the activities of non-employees with access to private data and takes steps to minimize the risk from compromised accounts.
  		• Environment & Transmission Security involves the ongoing monitoring of the environment to ensure that security threats are detected and corrected as quickly as possible through proactive measures such as VA scans.

    OpenService’s security suite InfoCenter can work with your existing security applications and devices to make meeting these requirements easier:  
  		• with the LogCenter component of InfoCenter, collect data and store it for forensic analysis, event history, and proof of compliance
  		• with the reporting utility of InfoCenter, generate summary and detailed reports of proof of compliance, including user activity, configuration change, and audit reports
  		• with the correlation ability of InfoCenter, collect data across all security and monitoring applications, detecting malicious intent across your entire environment
  		• with the alert monitoring utility of InfoCenter, notify your security and network administrators of problem areas before they become critical


     | Privacy Policy  | Copyright  | ©2002-2008 OpenService, Inc. All Rights Reserved