3 min read
Discussions Triggered from the LastPass Breach
Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from...
Controls (2)
1 min read
Effective User Access Reviews
What exactly is a user access review? In its simplest form, this review is a process that certifies that users’ (including vendors’) access within...
2 min read
Remote Work Flexibility is Here to Stay
It’s been a long and crazy two years since Covid showed up and changed the world. Yes, a lot of things are different now, but I’d like to take a few...
1 min read
Questions You Should Be Asking Your Internet Banking Provider
Financial institutions are required to regularly assess the authentication controls, security layers, and monitoring of Internet Banking to prepare...
2 min read
What You Can do About the Okta Compromise
News this week brought us word of something very disappointing, a breach in a large player in the identity services company, Okta. If I’m being 100%...
2 min read
Is Your Risk Assessment Authentication & Access Ready?
In August, the FFIEC released new guidance titled “Authentication and Access to Financial Institution Services and Systems”. Because the guidance...
2 min read
Backups vs. Retention
We often run into situations where different staff in an institution have different understandings of the goals and operations of their backup...
2 min read
Keep an Eye on API Security
Application programming interfaces, or APIs, enable applications to exchange data and functionality easily with other applications and users in or...
2 min read
Choosing a Cybersecurity Framework
It is a good practice to identify a cybersecurity framework as part of an institution’s Information Security Program. A framework helps to identify...