Vendors
日本語

Hey FFIEC, Is This Really Guidance?

Create a vendor selection project
Click to express your interest in this report
Indication of coverage against your requirements
A subscription is required to activate this feature. Contact us for more info.
Celent have reviewed this profile and believe it to be accurate.
We are waiting for the vendor to publish their solution profile. Contact us or request the RFX.
Projects allow you to export Registered Vendor details and survey responses for analysis outside of Marsh CND. Please refer to the Marsh CND User Guide for detailed instructions.
Download Registered Vendor Survey responses as PDF
Contact vendor directly with specific questions (ie. pricing, capacity, etc)
5 July 2011

Comments

  • So beyond multi-factor authentication at login, what type of solutions do you think should have been proposed in the Supplement?

    Challenge-response questions, tokens, certificates, etc. are all old news in the online security world. I'm curious how you think banks can go beyond the security-guard-at-the-door mentality and bring some real innovation to combat these increasingly sophisticated and savvy hackers.

    Cheers

  • Definitely nothing to do with authentication. There is no silver bullet right now. It's either the security guard at the door or a real hassle for consumers.

    My recommendation for one of the layers is a forensics solution, one that tracks behaviour and looks for patterns. It's a must have for banks of all sizes and is transparent to the end-user. Couple this with improved and mandatory customer training and education and you have a win-win piece of the solution.

    The devil is in the details.