Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
Bertucci's has become a beloved destination for Italian food since its
formation in 1981. With more than 2,000 employees in over 90 locations,
managing unauthorized software downloads on their growing computer
systems has become a daunting task. Unsupported and unauthorized software
and downloads by employees...
According to the Pasco County, Fla., Sheriff's Dept., at least 44 customers were defrauded of thousands of dollars, after their cards were skimmed at two walk-up ATMs at area banks, including Bank of America.
Ocean Bank failed to implement an effective BSA/AML Compliance Program, with internal controls "reasonably designed to detect and report money laundering and other suspicious activity in a timely manner," regulators say.
Anomaly detection and behavioral monitoring are minimum requirements or mitigating online risks, and the newly-issued supplement to the FFIEC Authentication Guidance highlights why banks and credit unions should be doing more, says Terry Austin of Guardian Analytics.
"The action and manifestation of risk is not necessarily evident to today's users in the way it was in the past, and that creates a big inherent challenge for a CISO," says Malcolm Harkins, CISO at Intel Corp.
You know the tune: Cyber thieves pirated the town's banking credentials, arranged some bogus "payroll transactions" with the town's bank and then next thing you know ... money mules are transferring funds to the Ukraine.
Now that the FFIEC's updated online authentication guidance is out, banking institutions need to move forward in preparation for 2012 compliance, says Julie McNelley, banking fraud analyst for Aite Group.