Gramm Leach Bliley (GLBA)
The Gramm Leach Bliley Act (GLBA) was established to de-regulate the Financial Services industry. Within the Act, ‘The Financial Privacy Rule’ governs the collection and disclosure of customers’ personal financial information by financial institutions and applies to all companies, whether within the financial industry or not, that uses or receives such information – for example credit reporting agencies etc.
The Business Challenge
In order for organizations to comply under GLBA, they must show that they respect customer’s privacy and that personal details are kept confidentially and secure by:
- Detailing and scoping an information security program that safeguards customer information
- Identifying and assessing the ability of the security policies implemented in controlling threats, both internally and externally
- Controlling and reporting vulnerabilities that could potentially pose security risk
The Safestone Solution
Risk & Compliance Monitor can assist an organization by identifying policy compliance vulnerabilities, against its GLBA off-the-shelf policy and in doing so can help to prepare for auditing.
For real time monitoring and alerting of unauthorized system access, illegal configuration changes and data manipulation, Security Audit & Detection is a configurable tool for converting raw System i data into relevant security information, with audit trails of critical events.
Ensuring that critical data sources held on the System i are treated confidentially is a key part of GLBA compliance. Without adequate controls, unauthorized staff may gain access to sensitive information and use it to their advantage. Network Traffic Controller ensures that only the right personnel can actually access and use specific data.
Multiple Systems Administrator can centrally control and synchronize security auditing, reporting, network traffic management, profiles and policy management across the network, consolidating selected reports from one host machine.
User Profile Manager is a powerful administration tool providing flexibility to easily manage profiles and passwords across the whole of your System i environment.