Gramm-Leach-Bliley Act (GLBA) Compliance
In addition to de-regulating the Financial Services industry, the Gramm-Leach-Bliley Act (GLBA) requires financial institutions to respect the privacy of customers and to protect the security and confidentiality of customers' nonpublic personal information.
The regulations provide specific rights for individuals regarding their financial information, and set forth the obligations of financial organizations with regard to protecting that information.
At our company, we develop easy to use, modularly integrated Security Management solutions that assist customers with GLBA compliance, along with other regulations and standards, and enable our customers to secure their IT assets and manage risk.
Under GLBA Title V, financial services providers must protect customer information against threats to security, confidentiality and integrity. However, GLBA itself is not a technical security standard. Financial services' companies who must comply with GLBA are faced with these challenges:
- Establishing an information security program for safeguarding customer information
- Assessing the ability of security policies to identify and control internal and external threats
- Managing and controlling the risks that would jeopardize customer information
Our GLBA Solutions
In addressing GLBA requirements and helping organizations assure policy compliance, our products can help in a number of areas, including the ones below which correspond to the Interagency Guidelines Establishing Standards for Safeguarding Customer Information:
- Security Policy Establishment. VigilEnt Policy Center helps you create, deploy and test employee understanding of the policies needed to address access controls, the use of encryption, change controls, monitoring and incident response. Utilizing a web based approach for creating policies and reviewing, approving and publishing them on-line, it eliminates many of the barriers to implementing GLBA policies.
- Information Security Risk Assessment & Configuration Management. Secure Configuration Manager provides regular audits of Windows, Linux and Unix systems and SQL Server, Oracle and Sybase databases, to ensure configurations meet the policies for GLBA compliance. Evaluations can be performed by business unit, geography, technology or other groupings to assess information security risks, and the groupings are scored based on the assessment results.
- Access Controls for Systems. Real-time monitoring and audit of changes to Active Directory are provided through Change Guardian for Active Directory, along with detailed reporting on changes for auditors and management.
- Monitoring and Auditing Systems. Security Manager delivers you the protection, detection, containment and correction of security breaches, along with providing the necessary communication and response to security incidents, as outlined by the Interagency Guidelines. Its log management and analysis brings you additional auditing for security applications and devices (firewalls, anti-virus, intrusion detection systems), as well as for network devices.
Sentinel Enterprise provides a framework that enables you to demonstrate and monitor compliance with internal policies and government regulations such as SOX, HIPAA, GLBA and FISMA.