by Zach Duke | Feb 22, 2024 | Information Security, Bank Vendor Management, Banks, Case Study, Community Banking, Compliance, Compliance Risks, Cybersecurity, Information Security Governance, Information Security Officer, Least Privilege Validation, User Access, User Access Reporting
Pendleton Community Bank, a $700 Million Dollar Bank with 133 Employees in Franklin, WV, led by CEO Bill Loving, faced a critical challenge when their Information Security Officer departed, leaving a significant void in their oversight capabilities. Their goal was...
by Zach Duke | Sep 14, 2023 | Cybersecurity, Information Security, Infosec, page-user-access, Reporting, Risk, Risk Assessment, User Access
The Federal Financial Institutions Examination Council (FFIEC) updated its Authentication Guidance in August 2021, which aims to standardize and enhance security measures for financial institutions. We are seeing a focus on these areas during exams and audits, and...
by Beth Sumner | Jul 27, 2023 | Cybersecurity, Information Security, Infosec, page-user-access, Reporting, Risk, Risk Assessment, Training, User Access
Today, we’re delving into an essential topic that affects both the security and the integrity of your digital assets: privilege creep. In this blog, we’ll explore the potential risks, and provide you with actionable strategies to prevent this sneaky threat from...
by Finosec | May 11, 2023 | Information Security, Infosec, Reporting, Risk Assessment, User Access
User Access Reviews (UAR) are crucial for financial institutions, examiners and auditors are focusing on them, and best practices mandate managing to least privilege. However, the process can be complicated and time-consuming. This is why it’s important to...
by Zach Duke | Feb 16, 2023 | Banking, Cybersecurity, Information Security, Infosec
“The Customer is Why You are in Business” Allen Duke, Mentor & Father. Those who know me well have probably heard me talk about my father’s impact on me and business. For those of you who haven’t heard the passion I have related to these lessons I learned,...
by Finosec | Jan 26, 2023 | Fintech, Information Security, Infosec, Reporting, User Access
Step Four in the FINOSEC user access review best practice series is to ensure users who have access to your systems have legitimate duties that justify not only access but their specific permissions for those systems. Step Four: Review System Access and Permissions In...