GLBA AssessmentsData Privacy for the Financial Industry
The Gramm-Leach-Bliley Act (GLBA), also know also known as the Financial Services Modernization Act of 1999, is a federal law requiring financial institutions to develop, implement, and maintain administrative, technical, and physical safeguards to protect the security, integrity, and confidentiality of customer information. Any institution that provides financial products, or collects or receives information about customers of financial institutions, must comply with the requirements specified in the law. This is true regardless of whether an institution intends to disclose nonpublic information. All affected institutions must have policies in place to protect customer information from foreseeable threats to data confidentiality and integrity, and our GLBA assessments can insure your compliance.
Aerstone has extensive experience in providing cybersecurity experience to large financial institutions, and can help your firm understand and meet the following major privacy and security components of the GLBA, including:
- The Safeguards Rule. This rule requires institutions to develop a written information security plan that describes how the company is prepared for, and plans to continue to protect, both current and former clients’ nonpublic personal information.
- The Financial Privacy Rule. This rule requires institutions to provide customers with a specific and highly detailed set of privacy notices, on a specific schedule.
- Pretexting Protection. This rule requires institutions to put reasonable safeguards in place against phishing, and other social engineering attacks — including employee training programs, and spot-checks.
Our Experience Sets Us Apart
Aerstone is an NSA-certified vulnerability assessor, and a service-disabled veteran-owned small business.
We approach each engagement with the highest levels of professionalism, determination, and creativity, honed by years of working with
security professionals across the military, intelligence community, civilian government, and private industry.
Contact our sales team at email@example.com for more information.