Top Patch delivers information security products to reduce risk, increase data security and ensure compliance. TopPatch's Remediation Vault™ is the industry’s first peer-to-peer patch distribution product. Even with existing patch management solutions, Remediation Vault ensures completeness, coverage and speed so that vulnerabilities are patched before hackers can exploit them. With Remediation Vault, the vulnerabilities in the software installed on Unix, Linux, BSD, OSX and Window’s operating systems are up to date with the newest security patches.
TopPatch services include HIPAA/HITECH compliance management, PCI compliance management, intrusion detection/prevention systems, forensics, end-to-end data privacy compliance management, vulnerability assessment and management, log monitoring and management, FFIEC, GLBA, NCUA, NERC, and SOX compliance.
3. 5 Essential Elements of an
FFIEC Compliance Program
Overview
• Uniform standards and principles
• FRB, FDIC, NCUA, OCC, CFPB
• Harmonized, uniformed reporting systems for
federally-supervised financial institutions and
subsidiaries.
• Can financial institutions outsource services to
the cloud?
• Lack of guidance
• FFIEC-certified assessors
4. 5 Essential Elements of an
FFIEC Compliance Program
• FFIEC will check:
1) Information security
• Incident response plan: documented and
tested
• User security training
• Controls tested on regular basis
5. 5 Essential Elements of an
FFIEC Compliance Program
• FFIEC will check:
2) Your network
• Security of information network.
• Network devices and firewalls and
configuration.
• How you allow remote access, whether it is
secure.
• Whether network devices are implemented
according to best practices.
6. 5 Essential Elements of an
FFIEC Compliance Program
• FFIEC will check:
3) Physical security
• Which parties are allowed to access your data
center.
• Whether critical infrastructure is well-
protected from fires.
7. 5 Essential Elements of an
FFIEC Compliance Program
• FFIEC will check:
4) Service provider oversight
• Whether you trust service providers with
sensitive
information.
• Whether due diligence was conducted on
critical vendors:
• Who directly impact business
operations?
• Who has access to sensitive
information?
8. 5 Essential Elements of an
FFIEC Compliance Program
• FFIEC will check:
5) Systems
• Whether workstations and servers are
securely configured.
• Ability of users to override security
configurations on their workstations.
• Ability of users to install harmful software.
• Presence of applications within network
that are vulnerable to remote attacks.
9. Top Patch delivers
information security
products that reduce risk,
increase data security and
ensure compliance
Request a free trial of
the Remediation Vault
for
Best-In-Class Patch
Management
Alex
Email: alex@toppatch.com
(646) 664-4265
349 Fifth Avenue, New York, NY 10016
www.toppatch.com
Twitter: @toppatch