|
|---|
|
|---|
Banks and financial institutions are relying
increasingly on information technology to support growth and expansion
into the global marketplace. Technologies such as the Internet,
The regulatory agencies (and associated audit functions) are constantly working at updating their rules, guidelines and bulletins to address the risks and controls required of financial institutions. The rules have recently changed!!! (click here for a summary) Unlike many security
firms, NPI's personnel have the
extensive networking experience
necessary to detect and
document the very
Network Partners' security services can assist banks and auditors through all aspects of network & system security including required external penetration testing. (See past projects for examples.) Our personnel will guide the bank through the challenging process of evaluating and assessing the I/T security vulnerabilities, and assist your support personnel with the tedious task of correcting workstation, server and Internet banking security issues where possible while on-site. (More detail... vulnerability assessment ) NPI is not a reseller, therefore we have no interest in attempting to influence your use of specific technologies, hardware or I/T vendors. NPI's personnel will evaluate I/T security risks and controls as subject matter experts (specialists) following the Federal Financial Institutions Examination Council's (FFIEC) recently published Information Security Handbook, and other formal state and federal regulatory bulletins and guidelines (FDIC, FRB, NCUA, OCC, OTS, GLB). Click here to review NPI's summary of the FFIEC requirements, or, click here to view the full 118 page FFIEC document (2.1 meg). Upon completion NPI will prepare detailed system topology maps including servers, routers, firewalls, and other supporting system components; and, provide formal Findings documents appropriate for examiners, auditors and the Board of Directors. Each document is written specifically for the intended audience. NPI will also meet with and discuss our findings with institution executives, examiners, auditors and/or directors to ensure an accurate understanding of the risks and controls. As an arms-length partner of your institution, Network Partners Inc can also provide recurring (monthly, quarterly, annual) penetration testing, web site monitoring, deploy economical on-site security monitoring as well as other services tailored to the needs of the institution (See NetSentry monitoring). NPI is a member of various state banking associations. |
|
About NPI |
Contact Us |
Services | Tools |
Site Map |
Reseller Programs
Professional Ethics |
Privacy
Copyright 1993-2024 Network Partners, Inc. All rights reserved
extranets, and intranets are
allowing institutions to reach people and markets in a way
never before imagined. However, with all of the benefits that technology
brings to the banking industry, it also brings increased vulnerabilities and
threats. Many banks are faced with a growing concern over the impact
of disgruntled employees, unauthorized users, industrial spies, Gramm-Leach-Bliley
(GLB) compliance, Check 21 & FDIC requirements, and mischievous
hackers exploiting and compromising your information systems and networks.
Because of the very nature of an open environment, the risk of revenue and
information loss is greater. As technology becomes more sophisticated, so
do those who would like to enter the world of information and wreak havoc;
not just hackers and embezzlers, but legitimate users who wander into
areas of Internet banking they shouldn't be able to access. 
communications paths and vulnerabilities needed by
hackers and intruders to compromise banking systems. Our experience with sophisticated detection tools
such as Sniffers, scanners, NetSpector, Route Monitor, Snort and others allow our personnel
to quickly identify the actual logical network configuration and the
potential entry points required to access confidential data. When combined with our
experience implementing Firewalls and other security monitoring mechanisms, NPI's
ability to assess vulnerabilities and protect information exceeds the
capabilities of most security consultants. (See
