by Zach Duke | Feb 16, 2023 | Banking, Cybersecurity, Information Security, Infosec
“The Customer is Why You are in Business” Allen Duke, Mentor & Father. Those who know me well have probably heard me talk about my father’s impact on me and business. For those of you who haven’t heard the passion I have related to these lessons I learned,...
by Finosec | Feb 2, 2023 | Cybersecurity, Banking, Infosec, Reporting, User Access
Step 5 is the final step in the User Access Review Best Practices series. The goal of this step is to focus on increasing standardization to develop a more mature and routine approach to user access reviews by focusing on three key areas. Roles and baseline...
by Finosec | Jan 12, 2023 | Banking, Community Banking, Cybersecurity, Fintech, Information Security, Reporting, User Access
We learned about the importance of a System Map in Step One: Building the Foundation, last week. This week, we are discussing Step 2 – Start with the Most Important. In this critical step in the user access review process, you will identify the most important systems...
by Finosec | Jan 5, 2023 | Cybersecurity, Information Security, User Access
Let’s acknowledge a few things at the start. User access reviews (UAR) are important, and increasingly so. Examiners expect you to complete them regularly. They’re a crucial element of your overall cybersecurity program. They’re complicated and they take time. Finosec...
by Finosec | Dec 15, 2022 | Community Banking, Cybersecurity, Information Security, Infosec, Reporting, User Access
Do you believe the full title? Or do you believe the parenthetic comments are a better descriptor? Here’s a simple and universal truth of the human condition: we tend to avoid tasks we think will be hard. Or complicated. Or time consuming. Or all three! An earlier...
by Finosec | Nov 23, 2022 | Banking, Community Banking, Cybersecurity, Information Security, Infosec, User Access
Financial institutions have long viewed user access reviews as a double edged sword. On one hand, regulators require them. They’re a crucial component in managing to least privilege. But they’re a challenge to conduct on a regular schedule. And if you have to rely on...
