FDIC and NCUA Vendor Management Requirements

The NCUA and FDIC requirements for managing third-party relationships (aka vendors) are fairly straightforward. The problems with meeting compliance, and protecting an institution, arise when dealing with multiple vendors for critical services: different financial reports, security audit reports, reputation factors, etc. Using different wording, the FDIC and NCUA both require banks and credit unions to: Evaluate the overall effectiveness of the third-party relationship and the consistency of the relationship with the financial institution’s strategic goals. Review any licensing or registrations to ensure the third party can legally perform its services. …


Introducing our new private Beta product Vendor Intelligence

Rivial has always established our brand by doing quality security work, specializing in Risk Assessments, Business Continuity, and Audits. Now we’d like to announce that a private Beta is underway for our new product, Vendor Intelligence. To provide some context as to why we are creating this product: there are regulatory, legal, and financial reasons to keep tabs on your critical vendors, suppliers, and service providers. Rivial Vendor Intelligence makes it easy to perform quality due diligence without having to do the research yourself. Get accurate, rich data about your vendors in user-friendly reports. Detailed reporting covers Engagement,…


Getting Started With IT Risk Assessment Webinar 11/20 at 9am PT

Navigating your IT risk can be both scary and difficult, but if you use the right process you can get a clear picture of your risk and where, when, and how to take action. Turning his very popular educational eBook into a webinar, Randy Lindberg from Rivial Security will leverage his 15 years of experience to walk us through the Getting Started with IT Risk Assessment webinar on Thursday 11/20 at 9am PT. In just under 45 minutes of your time, Randy will cover the following topics: Risk Assessment Overview, Information Assets …


GLBA Risk Assessments Done Correctly

Last week I received a call from one of our partners (known to the outside world as clients) about a recent audit of their GLBA Risk Assessment. Their audit firm recommended they remove the Availability rating of each information system. The auditor also recommended performing a separate GLBA risk assessment, in addition to the Information Security Risk Assessment that Rivial had already performed for them.

[Image: Senators Gramm, Leach, and Bliley]

The Availability Rating in IT Risk Assessment

Suggesting that Availability ratings should be removed presents a myopic view of information security risk assessment and exacerbates the challenges…


Happy Halloween! Rivial Security's Favorite Blog Articles

Happy Halloween from us at Rivial. We are enjoying the transition from summer to fall and are looking forward to a great holiday season. Until then, we leave you with an animated cartoon and a collection of our favorite articles.

Rivial Security’s Favorite Blog Articles

IT Security Practices For A Smooth Year End
Protect Your ATMs - 4 Steps
For your protection, Turn On your Apple ID’s Two-Step Authentication
2014 Top Data Breaches {Infographic}


IT Security Practices For A Smooth Year-End

It’s October, and the leaves and the weather are turning a golden brown. We are beginning to embrace the first few weeks of Autumn and usually a noticeable change in weather. As with many industry insiders, we are beginning to prepare for the end of the traditional fiscal year and some of the biggest shopping days just ahead of us, in the hopes of a great holiday season. Now is the perfect opportunity to pause, reflect, and ensure your business is safe, secure, and positioned for success in 2015. Most credit unions, banks, and other financial institutions are preparing for…


Protect Your ATMs - 4 Steps

Rivial has learned through our threat monitoring that ATM malware attacks are spreading and we need all of our partners to take action to ensure they are protected against these new threats. Here are 4 Steps to Protect Your ATMs:

1. Ensure ATMs are physically secured, difficult to open, and cannot be accessed using a universal key or default passcode.
2. Upgrade ATM operating systems if they are still running Windows XP.
3. Update IT Risk Assessment details to reflect this changing threat (this will be done for current Rivial IT Risk Assessment clients) …


Rivial Security Welcomes Jason Grimes to the Executive Team!

I am very pleased to announce Jason Grimes will be joining our executive team as the VP of Operations to assist in the expansion of Rivial’s services, software, and packaged solutions. Jason is a very hands-on manager, so you may find him involved in all things Rivial: publishing blog articles, conducting daily business operations, performing security audits, and even greenfield data center buildout consulting. Jason is a skilled technology manager with 19 years of industry experience in designing, developing, shipping, and supporting enterprise, cloud-based software. Jason has served in a variety of roles across technology and marketing at…


For your protection, Turn On your Apple ID’s Two-Step Authentication

At Rivial, we strive to keep our partners’ personal and professional data private. In keeping with that theme, I wanted to talk about the few simple steps you can take to secure your personal iPhone or Apple ID. What is Apple ID’s two-step authentication? It is the ability to secure your Apple ID transactions with two forms of unique and private data, such as your password and your cell phone. This additional security would make it more difficult for criminals to hack your account and gain access to your private data in the cloud. I…
