Ask Matt Series – Spring Cleaning Check-Up
by Matt Riley, CIO of Gladiator Technology
Question: Given the current volatile economic climate, my FI is strongly focused on meeting our security and compliance objectives as a way to help bolster customer confidence in our institution. Can you provide any tips to help us be successful in this regard?
Answer: Let me begin by commenting that your FI’s decision to ensure that its security and compliance objectives are reached is a wise one. Such efforts will send out a positive message to customers overall regarding your institution’s priorities and commitment to protecting customers’ critical information. To assist you in this effort, I have composed a list of items to consider as a Spring Cleaning Check-Up of sorts:
Related items
Emerging Technology Series – Using Software “Sandboxes” to Combat Malware
by Scott Dale, Information Security Engineer
Now that spring is here, and cleaning is on the brain, it is a good time to do a review of your workstations for viruses, Trojans, spyware, and other malware. These threats can remain hidden from installed Antivirus products if they weren’t caught initially, so try scanning all machines with a product such as Malwarebytes Anti-Malware from a CD. Now imagine not having to worry about users installing files from the Internet or getting fooled into clicking on harmful web links. Sound impossible? Not if you install a security product called a “sandbox.”
Related items
A Dash of Acceptable Use Policy Management Can Go a Long Way
by DJ Goldsworthy, Information Security Manager
How are your users utilizing your network? For many reasons, this can be a complicated question to answer. Of course, one always hopes the answer is that users are utilizing the network to “get things done for the organization.” And while that is often the case, many times there may be discrete – and sometimes not so discrete – uses of the company network that are out of line with the organization’s objectives or that put the organization at risk.
Related items
The New Compliance Center – Knowledge is Power
by Karen Crumbley, Product Manager
As referenced in a previous edition of The Shield newsletter, the Gladiator IT Regulatory Compliance (ITRC) department is currently developing the Compliance Center, a handy online repository for compliance information. We anticipate a summer/fall debut for this valuable tool that will assist Financial Institutions (FIs) with management of their ITRC information. The Compliance Center will be exclusively available to Compliance Package customers at no additional charge and will provide convenient storage and retrieval for Gladiator policies through our existing customer portal (a.k.a. the “Client Vault”). It will also serve as a resource for accessing information on ITRC directives and hot topics, all of which will be located in a centralized area of the Vault.
Related items
Gladiator 2009 Series of ITRC Webcasts
Gladiator is pleased to offer the following ITRC webcasts for the remainder of 2009:
v Prepare for the Unexpected: Testing Your Incident Response Plan (August 4th & 13th)
v Meeting the IT Regulatory Challenges of 2009/2010 (November 2009 ─ Dates/Times TBD)
Please visit www.gladiatortechnology.com or contact regulatorycompliance@gladtech.com if you are interested in registering for an ITRC webcast.
Related items
Upcoming FREE ProfitStars® Webinars
Take advantage of FREE ProfitStars webinars throughout the year. During the month of June, Gladiator is hosting the following webinar topic:
Risk Management for Remote Deposit Capture – The New FFIEC Guidance
Hosted by Jackie Marshall of Gladiator and Jim Miller of Enterprise Payment Solutions
June 23rd at 11:30 am EDT
To request more information regarding FREE ProfitStars webinars or to register for the above event, please visit www.ProfitStars.com/webinars/calendar/.
Related items
Event Spotlight ~ Gladiator’s Ben Murphy Presents at RSA Conference
by Matt Riley, CIO of Gladiator Technology
The annual RSA Conference is the premier information security industry conference – this is “where the world talks security.” It is a vendor-independent conference hosted by RSA Security, the security division of EMC, founded by the creators of the original Rivest-Shamir-Adleman encryption algorithm that launched public-key signing and encryption. The first such conference was held in 1991 and today the event attracts well over 15,000 attendees each year. The speaker line-up always includes the very highest levels of leadership and expertise, including the CEOs of Microsoft, Cisco, Symantec, and other IT firms, the heads of the National Security Agency, the Department of Homeland Security, and the CyberDefense Initiative, and security and cryptography gurus like Dan Kaminsky, Bruce Schneier, and other top practitioners. Each year the conference builds a theme around a historical figure or culture, and 2009’s theme focused on renowned cryptologist and author, Edgar Allen Poe.
Related items
Employee Spotlight ~ Certifications
by DJ Goldsworthy, Information Security Manager
Congratulations to Gladiator’s Ben Harbin, Information Security Engineer, for receiving his certification as a SANS GIAC Certified Intrusion Analyst (GCIA) in March. We are proud of all Ben’s efforts put forth to earn this distinction, one that is well-respected in the information security industry.
Other certifications recently earned by Gladiator personnel include:
-
Cisco Certified Voice Professional (CCVP)
-
VMware Certified Professional (VCP)
-
Microsoft Certified Database Administrator (MCDBA)
-
Microsoft Certified Solution Developer (MCSD)
-
Microsoft Certified Technology Specialist (MCTS): Windows Server 2008
-
Microsoft Certified IT Professional (MCITP
-
Oracle Certified Associate (OCA)
Related items
RDC Highlights Unique Information Security Issues
by Jackie Marshall, Director of IT Regulatory Compliance
With the recent finalization of the FFIEC guidance for risk management of Remote Deposit Capture (RDC) technology, much focus has been placed on the types of information security issues that financial institutions should consider when developing management strategies.
Related items
Successful ProfitStars® Client Conference
by Cathy O’Hara, Newsletter Editor
We were thrilled to have so many of you join us recently in April to share “Strategies for Challenging Times” at the 3rd Annual ProfitStars Client Conference in Nashville, TN. Held at the renowned Gaylord Opryland Resort, the event was a huge success – we had over 300 ProfitStars clients attending over 130 educational sessions (some of which were applicable for CPE credits) designed to help hone skills and provide useful information during the current tough economic times. The conference also gave clients a unique opportunity to expand social and professional networks by sharing knowledge with peers, plus hear key industry experts present information on hot business topics.
Related items
Letter from the President
Times like these are best handled with a strong family and we appreciate being a part of yours. As the threat landscape grows and evolves in this tough environment, rest assured that Gladiator Technology’s services continue to be enhanced. Our layered approach to security and strong information expertise provide the most effective way to address multi-faceted attack strategies. Renewal rates on our managed security services remain extremely high, which is a testimony to our fine team of information security specialists and our breadth of well-positioned services. And, I am proud to say that, while current economic challenges are difficult, we continue to add new customers at a solid rate of growth.
Gladiator Technology, as a division of ProfitStars, has been added to the corporate customer satisfaction rating system. We encourage you to take a few minutes to respond to requests for information when sent, and we look forward to reviewing the measurement results in the coming months and years. The information will provide valuable data to Gladiator to help us achieve even higher levels of customer service.
Our CoreDEFENSE layers ─ including firewall, intrusion prevention, and 24×7x365 server monitoring ─ continue to provide comprehensive protection to our financial institutions. We have enhanced our Gladiator Security Research Department, which analyzes new attack methods via our separate MalNet network and helps facilitate effective response methodologies to our layered defense systems and customers. We are also evaluating the possibility of forming a “Threat Response Team” that could be sent on-site to help mitigate compromised systems, if needed. While Gladiator does an excellent job in protecting systems, there are often unmonitored workstations or unique areas within an institution that could experience significant problems if infected with a worm or trojan. So I would be interested in your thoughts on this subject, as to whether or not you would view our ability to send experts to your institution at a moment’s notice to assist in mitigating these issues as an important addition to our list of services. Please send emails to danny@gladtech.net if you would like to comment on this idea.
IT Regulatory activity remains high. In addition to our new ID Theft Prevention Policy, we have been distributing a great many Remote Deposit Capture Policies since the guidance was recently finalized, and also have expanded our Compliance Package contracts to include multi-year terms at a discount per year. Many financial institutions have taken advantage of the additional savings afforded by this option.
The ProfitStars Client Conference is being held April 13-17 in Nashville, Tennessee. I encourage you to consider sending key staff members to this conference. The Gladiator Technology list of sessions includes presentations on specific points of interest, annual training for the information security officer to help better protect your institution, and informative panel discussions with your peers. You can find additional information on page 7 of this newsletter or at ProfitStars.com.
Thank you for your continued trust. We recognize the responsibility we have to earn that trust every day and Gladiator Technology continues to focus on providing the very best services in the industry.
Sincerely,
Danny Johnston, Group President
Related items
Registration is Open ~ ProfitStars® Client Conference 2009
This year’s Conference theme is Strategies for Challenging Times and offers four days of hard-hitting knowledge, opportunity, and strategy you won’t get at any other conference this year. Join us from April 14-17 at the Opryland Resort in Nashville, Tennessee. (Go to www.profitstars.com to register online.)
Register for the conference by March 6th to ensure the discounted hotel price ─ and be entered in a drawing to win an XBOX or Zune!!
Participation in this important event provides a unique opportunity for Gladiator clients in the following ways:
- Choose from over 130 educational and training sessions (some of which maybe applicable toward CPE credits)
- Hear industry experts speak on a variety of relevant and “hot” business topics, plus hear Todd Buchholtz. renowned economist, as the keynote speaker
- Attend a Gladiator User Forum on Tuesday of the conference to share ideas and give us your valuable feedback on products and services and explore the possibility of forming a Gladiator User Group
- Attend the ProfitStars Technology Showcase exhibit and check out the most up-to-date product advances
- Network and exchange ideas with colleagues
Sessions to be hosted by Gladiator experts:
Virtualization: Is it for Your Enterprise?
Meeting Examiner Expectations for Remote Deposit Capture
Anatomy of a Security Breach
Meeting IT Regulatory Challenges of 2009, Including Red Flag Expectations
Security Awareness Training Best Practices ─ A Panel Discussion/Town Hall Meeting
Phishing Defense & Response Best Practices ─ A Panel Discussion
Gladiator Annual Training Update
What’s New in Networking: An Overview of Hardware & Software LAN Technology Available Today
Beyond IP Telephony: How a Unified Workspace Extends the Work Environment Beyond a Phone and the Desktop
Related items
Previous Articles
Welcome to The Shield
Thank you for taking the time to visit the Gladiator Technology newsletter. The latest articles are posted to the left, and you may click on "Continue reading" to see a full article. Take some time to look around in "Categories" and "Archives" to check out some of our previous information postings.
