by Finosec | May 11, 2023 | Information Security, Infosec, Reporting, Risk Assessment, User Access
User Access Reviews (UAR) are crucial for financial institutions, examiners and auditors are focusing on them, and best practices mandate managing to least privilege. However, the process can be complicated and time-consuming. This is why it’s important to...
by Zach Duke | Feb 16, 2023 | Banking, Cybersecurity, Information Security, Infosec
“The Customer is Why You are in Business” Allen Duke, Mentor & Father. Those who know me well have probably heard me talk about my father’s impact on me and business. For those of you who haven’t heard the passion I have related to these lessons I learned,...
by Finosec | Jan 26, 2023 | Fintech, Information Security, Infosec, Reporting, User Access
Step Four in the FINOSEC user access review best practice series is to ensure users who have access to your systems have legitimate duties that justify not only access but their specific permissions for those systems. Step Four: Review System Access and Permissions In...
by Finosec | Jan 18, 2023 | Information Security, Infosec, User Access
Step Three in the Finosec user access review best practices series is to rate and prioritize the system risks you identified as the most important systems in Step Two of the UAR Best Practices and align those with the access permissions required. Step Three: Rate...
by Finosec | Jan 12, 2023 | Banking, Community Banking, Cybersecurity, Fintech, Information Security, Reporting, User Access
We learned about the importance of a System Map in Step One: Building the Foundation, last week. This week, we are discussing Step 2 – Start with the Most Important. In this critical step in the user access review process, you will identify the most important systems...
by Finosec | Jan 5, 2023 | Cybersecurity, Information Security, User Access
Let’s acknowledge a few things at the start. User access reviews (UAR) are important, and increasingly so. Examiners expect you to complete them regularly. They’re a crucial element of your overall cybersecurity program. They’re complicated and they take time. Finosec...
