Presentations/Articles

Four Steps to a Compliant Patch Management Program
Publication: Hoosier Banker

Author: Richard Menta

Financial institutions have invested heavily in commercial software to support business processes. A bank’s information technology infrastructure is laden with business applications, operating systems, core processing systems and system services such as anti-virus programs and e-mail. Like everything else, this software needs continual maintenance.

But the nature of software demands a habitual updating, or patching, of the product. Commercial software often contains flaws, sove severe, that create not only performance issues but also security vulnerabilities that intruders can leverage to access information housed in bank systems.

> Download the full PDF version

Maximizing the Value of 3rd Party Network Security Testing
Publication: Iowa Banker

Author: Blake Wiedman, Paul Rohmeyer

Many factors have caused increased attention on Information Security. This includes regulation on the management of sensitive information such as Gramm-Leach-Bliley, increasing electronic connectivity between firms and business partners, and a seemingly endless stream of technical flaws in the systems we rely on to provide essential services and complete business transactions. Information Security activities within many organizations include developing and following meaningful policies and procedures as well as the installation of network security technologies such as firewalls and intrusion detection systems. Firms are increasingly relying on a variety of security evaluation techniques such as network penetration testing to verity the effectiveness of their information security program.

> Download the full PDF version