|
In the financial services arena, risk mitigation is key to
both business continuity and regulatory compliance. In light
of the most recent Basel Accords (Basel II), financial institutions
worldwide are now obligated to mitigate three primary categories
of risk – credit, market, and operational. Operational risks
under Basel II includes risks relating to the human factor and
especially as associated with "inadequate or failed internal
processes, people and systems…"
In light of these stipulations, financial services organizations
are responding to operational risk mitigation requirements by
reporting in a more organized, formal manner. Part of this effort
includes new attention to risks arising from now ubiquitous
technologies like mobile devices, portable storage, and wireless
networks.
Although Basel II still lacks specific operations risk mitigation
guidelines, financial services IT departments are tightening
security procedures and policies, with a focus on the endpoints
– home of over 60% of sensitive corporate data, according to
studies.
Safend Auditor and
Protector are designed
from the ground up to help large organizations meet the challenges
of BASEL II. Seamlessly integrating with existing solutions,
Safend monitors and controls the flow of information to and
from any endpoint. Safend provides healthcare organizations
with detailed visibility and granular control over data transfer
from the endpoint via wireless ports and all physical storage
devices, providing a comprehensive audit trail of endpoint activity
and simultaneously protecting against data leakage.
Meeting the Challenges of Basel II
By delivering a high degree of control over access mechanisms
at the endpoint, solutions from Safend prevent unauthorized
information transfer, facilitating compliance with emerging
data privacy standards like Basel II. With Safend, financial
services organizations can:
- Evaluate vulnerabilities - Safend Auditor
collects information from each endpoint, delivering a comprehensive
list of which devices, ports and connections are used now
or were used in the past. From this data, a specialized
plan can be developed to allow regulatory-compliant endpoint
control.
- Defining access at all endpoints -
Safend Protector enables financial services organizations
to define new endpoint security policies or supplement existing
ones and then extend and enforce them across all endpoints,
and over all physical, wireless, and removable storage devices.
This enables the ongoing flow of data, while still maintaining
security, productivity and ultimately compliance.
- Maintaining and updating access - The
Safend Management Console enables system administrators
to check user access rights periodically, another common
regulatory requirement. Safend transfers these sensitive
credentials using a secure SSL channel, so remote systems
can be administered securely from a single location.
- Ongoing policy enforcement - Safend
Protector enforces endpoint security policies on a highly-granular
level, monitoring real-time traffic and applying security
policies over all physical, wireless and removable storage
interfaces. Safend detects, logs and restricts unapproved
data transfer from any computer in the enterprise. Each
computer is protected 100% of the time, even when it is
not connected to the network. Safend can further ensure
that mobile users and data are secure by encrypting any
data written to removable storage devices or by enforcing
the use of hardware encrypted flash drives only.
|
Safend
for Basel II Compliance