by Finosec | Jan 26, 2023 | Fintech, Information Security, Infosec, Reporting, User Access
Step Four in the FINOSEC user access review best practice series is to ensure users who have access to your systems have legitimate duties that justify not only access but their specific permissions for those systems. Step Four: Review System Access and Permissions In...
by Finosec | Jan 18, 2023 | Information Security, Infosec, User Access
Step Three in the Finosec user access review best practices series is to rate and prioritize the system risks you identified as the most important systems in Step Two of the UAR Best Practices and align those with the access permissions required. Step Three: Rate...
by Finosec | Dec 15, 2022 | Community Banking, Cybersecurity, Information Security, Infosec, Reporting, User Access
Do you believe the full title? Or do you believe the parenthetic comments are a better descriptor? Here’s a simple and universal truth of the human condition: we tend to avoid tasks we think will be hard. Or complicated. Or time consuming. Or all three! An earlier...
by Finosec | Nov 23, 2022 | Banking, Community Banking, Cybersecurity, Information Security, Infosec, User Access
Financial institutions have long viewed user access reviews as a double edged sword. On one hand, regulators require them. They’re a crucial component in managing to least privilege. But they’re a challenge to conduct on a regular schedule. And if you have to rely on...
by Finosec | Nov 17, 2022 | Cybersecurity, Information Security, Infosec, Reporting, User Access
User access reviews are important. They also tend to be a complex, time-consuming task. When you add the regulatory and cybersecurity insurance expectations about these reviews and how often they really should be completed, it gets worse. Finally, to complete the...
by Finosec | Nov 10, 2022 | Banking, Community Banking, Cyber Attack, Cybersecurity, Fintech, Information Security, Infosec, Insurance, Security, Uncategorized
Cybersecurity insurance is an increasingly important component of your financial institution’s overall information security program. When a data breach or other hostile technology event occurs, cybersecurity insurance proceeds can provide funds to repair your...
