AlienVault Unified Security Management (USM) provides a fast, cost-effective way for teams with limited security staff and budget to meet their GLBA compliance needs.
See below how AlienVault USM helps you cover key GLBA requirements, or download the GLBA Compliance Solution Brief.
Banks, credit unions, and other financial services firms have a legal obligation to protect consumer information. The Gramm-Leach-Bliley Act (GLBA) of 1999 outlines these specific responsibilities in the interest of consumer privacy. These requirements mandate that US-based financial institutions create an information security program to:
The Federal Financial Institutions Examination Council (FFIEC) supports this mission by providing extensive, evolving guidelines for compliance. The FFIEC IT handbook outlines these specific requirements, and we’ve mapped these against AlienVault’s Unified Security Management capabilities.
Achieving compliance with GLBA is far from trivial. It requires implementing essential security controls for asset configuration, vulnerability assessment, threat detection, behavioral monitoring and log management. And that’s not all. IT staff then needs to monitor these controls and correlate the data being produced by them - across the entire network, in real-time. Traditional security products only perform one or two of these functions, leaving the security analyst left with figuring out how to make these disparate tools work together to provide a single, unified view into the security posture.
Leveraging field-proven technologies, AlienVault USM provides users with an automated offering for Asset Discovery, Vulnerability Assessment, Intrusion Detection, Behavioral Monitoring, Security Intelligence & Event Management (SIEM) and integrated threat intelligence from AlienVault Labs.
Information Security Risk Assessment
Information Security Strategy
Security Controls Implementation – Access Control
Security Controls Implementation – Physical and Environmental Protection
Security Controls Implementation – Encryption
Security Controls Implementation – Malicious Code Prevention
Security Controls Implementation – Systems Development, Acquisition and Maintenance
Security Controls Implementation – Personnel Security
Security Controls Implementation – Data Security
Security Monitoring – Activity Monitoring
Security Monitoring – Condition Monitoring
Security Monitoring – Analysis and Response
Security Process Monitoring and Updating