Information Security Services
The Banking and Financial Services Industries require a higher level of protection over its customer data and related financial information. Accordingly, ensuring an organization’s data is secure can be both costly and complicated for this industry. Our services focus on the specific vulnerabilities of this industry as follows:
- Personally identifiable information - With confirmed cases of identity theft on the rise, Personally Identifiable Information (PII) must be protected. Our security services ensure that PII is protected both at rest and in transit by ensuring appropriate access controls are effective and properly placed throughout the enterprise environment.
- Client side attacks - Common vulnerabilities such as Cross-Site Scripting, SQL Injection, and Cross-Site Request Forgery represent a significant risk to any public system, most important being financial systems. Industry proven methodologies are referenced and implemented throughout each of the service offerings available from our security practice.
- Enterprise, “end-to-end” vulnerabilities - The inter-connectivity of complex financial systems requires the in-depth understanding of how disparate systems interact within the enterprise environment. Our end-to-end testing procedures are designed to discover vulnerabilities that occur during this interaction; how they can be exploited by an attacker; and most importantly the most effective and efficient security controls necessary to eliminate the threat.
- Data leakage - By exploiting discovered vulnerabilities or observing the natural behavior of the enterprise environment, sensitive data may be at risk for unintentional disclosure. While many effective controls may already be in place to protect the obvious avenues used to access sensitive information, attackers can leverage multiple techniques to elicit sensitive information from discreet sources within the enterprise.
Our security teams deliver to the level of detail required by the financial services industry. Our testing and assessment services are tailored to ensure your organization complies with the security assessment requirements of the Gramm-Leach-Bliley Act (GLBA) and include the following:
