Financial services is a highly regulated industry. Virtually all financial services companies and financial institutions are subject to the Gramm-Leach-Bliley Act (GLBA), while the Dodd-Frank Wall Street Reform and Consumer Protection Act provides the measure of what is “reasonable and appropriate” for protecting consumer data in financial systems. The Sarbanes-Oxley Act (SOX) applies more to protecting investor information and systems. The Payment Card Industry Data Security Standard (PCI DSS) applies only to financial services companies that process payment cards, and only the portion of the business that actually processes those cards falls under PCI. Still, the need exists to move such sensitive data from one institution to another with regularity. The following is but a brief introduction to protecting financial data in today's highly computerized world.
Build and Maintain a Secure Network
Thoroughly protect your client information by constantly using a secure network that protects data from the threat of a virtual breach.
Protect Data In-Transit & At-Rest
To preserve trust and maintain your reputation for quality customer protections, you must take measures to protect cardholder data, both in transit and at rest.
Implement Strong Access Control Measures
Many breaches occur due to internal gaps in access controls. Restrict access to users, assign a unique ID or login to each employee and limit physical access to sensitive data.