Announcing the New Group President
As many of you know, last year Danny Johnston decided that he wanted to retire from his full-time position at ProfitStars® as Gladiator’s Group President. He and I worked through the transition this past summer so that his exit would be as smooth as possible. As part of the transition exercise, I obviously needed to find a replacement for Danny. Although I interviewed candidates from inside our company and from other companies in the industry, the clear choice was sitting just down the hall in the CIO’s office. I am pleased to announce that effective as of October 1st, Matt Riley has assumed the role as Group President for our Gladiator-Matrix division. Having worked with Matt on a number of initiatives since we originally acquired Gladiator, I am confident that he will do an outstanding job as the leader of this organization. Please join me in congratulating Matt and welcoming him to his new role.
David Foss
President, ProfitStars
Related items
Letter from the President
Since this is my inaugural “Letter from the President,” I would like to take this opportunity to provide a little background on myself. I’ve been working with financial institutions for over 13 years in varying capacities and most of my experience has been in the information security governance space. I am very active with the FS-ISAC organization, residing on various committees, to help bridge the gap between the financial services sector and the public sector. I am one of the original founding partners of Gladiator Technology and I have an extreme passion for ensuring that we keep our customers safe from existing security threats, both externally and internally. But enough about me; let’s move on to what’s included in this edition of The Shield.
People who looked at this item also looked at…
Related items
Emerging Technology Series ~ Taking Control of your DNS Infrastructure
by Ryan Spanier, Senior Information Security Engineer
DNS, or Domain Name System, is used by computers and services to map domain names to IP addresses. Most institutions run a DNS infrastructure for their internal networks. This infrastructure is vital for almost all network activity, including active directory authentication, Web browsing, and update downloads. Unfortunately, most institutions don’t take steps to protect and monitor this infrastructure from threats and abuse.
The DNS infrastructure can be attacked directly or used indirectly to perform malicious activities. Direct threats include DNS poisoning attacks and DNS redirection. These DNS attacks can possibly open the institution up to Man-in-the-Middle attacks, in which malicious actors can intercept traffic destined for a legitimate host and record or change it before sending it on. Indirectly, DNS is used by malware to look up download locations, command and control servers, and possibly to transfer data. It is time institutions take back their DNS infrastructure and use it to better secure their network.
People who looked at this item also looked at…
Related items
Tech Talk ~ Security in a “BYOD” World
by DJ Goldsworthy, Senior Manager, Research & Development
Could I survive a day without my smartphone? Although the question may be hyperbole, it is often used lightheartedly to demonstrate the degree of integration and the influence that mobile devices have on our lifestyle today. Millions of Americans have joined the smart phone and tablet revolution, which has transformed the way we live and do business. These technologies have become a central gateway for work and personal productivity, Internet access, financial planning, location awareness and navigation, and communication with the rest of the world via social media, texting, email and voice.
People who looked at this item also looked at…
Related items
Upcoming FREE ProfitStars Webinars
Gladiator is pleased to offer FREE webinars through ProfitStars. Upcoming live event topics through the end of the year include:
IP Telephony and Unified Communications Solutions (December 16th at 10:30 AM CT)
For more information regarding live or archived webinars or to register for an event, please visit www.ProfitStars.com/webinars/calendar/.
People who looked at this item also looked at…
Related items
The Compliance Corner ~ The FFIEC Authentication for Online Banking Risk Assessment – An Important Perspective to Managing Enterprise Risk
by Jackie Marshal, Director of IT Regulatory Compliance
In light of the impending compliance deadline of January 1, 2012, hopefully your risk management team is close to completing the targeted gap analysis/risk assessment for Internet based banking services/customers as outlined in the recent FFIEC Supplement to Authentication in an Internet Banking Environment (June 2011). Determining control gaps and prioritizing strategies to bolster your layered approach to preventing and detecting fraud for high risk online banking transactions is the end result to this meaningful exercise; however, it should not be considered a “one and done” isolated activity. To implement a comprehensive risk-based approach, you should consider integrating the 2011 FFIEC Authentication Guidance risk management objectives into an ongoing enterprise-wide risk mitigation strategy.
People who looked at this item also looked at…
Related items
Gladiator ITRC Webcast Series 2011
Gladiator’s IT Regulatory Compliance department offers convenient on-demand webcasts that address current issues faced by financial institutions, presented in an interview-style format (30-minute events). Here is the line-up, including the dates the webcasts become available for streaming. Email us at education@gladtech.net for more details. (The 2011 Series webcasts are complimentary for Compliance Package customers and $95 for others.)
- Merchant Capture to Consumer Capture: Is your Financial Institution Ready to Expand? (4/15th)
- SAS 70 Replacement, New Standards & Expectations for Vendor Management (6/9th)
- The New FFIEC Authentication Guidance: How to Effectively Address Customer Education Initiatives (7/15th)
- The Latest Security Threats: What your Financial Institution Should be Doing Now (9/15th)
- Enterprise-wide Risk Assessments vs. Information Security Risk Assessments: Understanding the Differences (12/15th)
People who looked at this item also looked at…
Related items
The Education Zone ~ Maximize your Employee Information Security Training Opportunities
by Karen Crumbley, Product Manager
A common challenge for many financial institutions (FIs) is engaging employees with new and interesting material as it relates to information security awareness. There is no denying that it is difficult to provide fresh and engaging content on an annual basis. Regrettably, in addition to this issue, information security training is often viewed as a distraction from the employee’s daily job functions. The reality is that such training warrants attention, yet it is often neglected. Information security awareness is, in fact, intertwined with daily job functions. Nevertheless, since it is an essential requirement of your Information Security Program, why not maximize your efforts? There is never a better time to reassess the objectives and intent of your FIs information security awareness program than the present.
People who looked at this item also looked at…
Related items
Incident Response Planning for Fraud Incidents
by Ben Murphy, Director of Software Engineering and Services
We all know that GLBA requires IT Incident Response planning, and hopefully you’ve got yours well documented already. But does your plan include incident response planning specifically for fraud scenarios? In particular, with all the fraud targeting commercial clients over the past few years, does your plan include response procedures for handling fraud against a high-profile commercial client?
Next time you update your incident response plans and procedures, consider adding plans that deal with commercial client fraud. Determine what role your institution should take in the processes of gathering evidence, performing forensic analysis, chain-of-custody, reporting, recovery (fixing the problems), and improving fraud prevention in the future for that client.
People who looked at this item also looked at…
Related items
Company Announcements
by Cathy O’Hara, Newsletter Editor
Employee Certifications
We continue to add designations to our ever-growing list of professional certifications. Gladiator employees have recently demonstrated expertise in their fields by earning the following credentials:
- Certified Virtualization Expert (CVE)
- Cisco Certified Network Associate (CCNA)
- GIAC Certified Intrusion Analyst (GCIA)
People who looked at this item also looked at…
Related items
Join Us for the PEC Educational Conference 2012!
by Cathy O’Hara, Newsletter Editor
In 2012 we are Navigating to New Heights at the PEC Educational Conference from March 6-9th at Caesars Palace in Las Vegas and we hope you are planning to join us! This year’s exciting event provides a unique opportunity to learn from product experts, industry peers, top vendors, and insightful guest speakers. You’ll also have the chance to take in the latest products that are making waves, view demos, and much more. Online registration is NOW OPEN at http://www.pecconference.com with Early Bird discounts available for a limited time (save $50 per registration)!
Our Navigating to New Heights theme and agenda will include:
- A broad scope of valuable educational sessions and training classes.
- ProfitStars®, iPay Technologies™, and JHA Payment Processing Solutions® (PPS) tracks.
- The opportunity to network and discuss industry trends and challenges with your peers and subject matter experts.
- Insightful keynote from entrepreneur, motivator, author, and business visionary Robin Crow.
- The chance to visit the Technology Showcase and our new Mobile Solutions Bar to investigate the latest business and financial services solutions provided by ProfitStars, iPay, PPS, our strategic partners, select solutions providers, and more.
People who looked at this item also looked at…
Related items
Welcome from the President
The FFIEC recently released a supplement to its 2005 Authentication in an Internet Bank Environment guidance. This edition of The Shield newsletter is focused on addressing important components of this Guidance Supplement as to how it impacts your financial institution and how to effectively incorporate those updated guidelines in your management considerations. As always, our goal is to help each of you be more successful in growing your business to achieve your corporate objectives in a solid manner while addressing regulatory expectations in a way that provides high success in your examinations.
People who looked at this item also looked at…
Related items
Previous Articles
Welcome to The Shield
Thank you for taking the time to visit the Gladiator Technology newsletter. The latest articles are posted to the left, and you may click on "Continue reading" to see a full article. Take some time to look around in "Categories" and "Archives" to check out some of our previous information postings.
We invite you to visit our main web site at www.gladiatortechnology.com
