|
While today's security controls continue to focus on ensuring only the
right people have access, the more important element is that people are
doing the right things with it. When you evaluate
behavior the
result is a more holistic solution to bank security that addresses:
- Fraud Prevention
- Data Loss Prevention
- Compliance Requirements
- Intrusion Detection
Security testing today remains focused on
unauthenticated attacks, though we knew
back in 2006 that the majority
of attacks involve a valid login/credential. Pairing this insight with the
fact that almost all information security risks arrive at a single point
of convergence known as the end user and you arrive at an inspiring
conclusion that evaluating user activity can actually simplify existing security
models.
Dimensional Security is the leading innovator of activity
validation solutions for financial institutions that help prevent the
four
major security concerns listed above
. |
Information Security: A False Sense
of Trust
In a simplified view security teams first look toward
policies and procedures and next to the technology and tools
that will help enforce them. The primary means for this
enforcement is permissions - the principle of least
privilege. This is often bound to compliance initiatives
that surround being able to report and demonstrate
segregation of duties. Read
More
|