GLBA / FFIEC Assessment

E Com Security Solutions help financial institutions to safeguard customers’ and members’ personal financial information and to meet with GLBA/FFIEC compliance requirements.

  • Ensure the security and confidentiality of customer records and information.
  • Protect against any anticipated threats or hazards to the security or integrity of such records.
  • Protect against unauthorized access to or use of such records or information that could result in substantial harm or inconvenience to any customers

Ready to Get Started?

Get in touch with our expert team to discuss your business needs or to evaluate the services for free.

GLBA / FFIEC Assessment Overview

The Gramm-Leach-Bliley Act (GLBA) of 1999 first established a requirement to protect consumer financial information. Financial services regulations on information security, initiated by the GLBA, require financial institutions in the United States to create an information security program to protect the security, confidentiality, and integrity of such information. The Federal Financial institutions Examination Council (FFIEC) supports this mission by providing extensive, evolving guidelines for compliance.

E Com Security Solutions GLBA Assessment provides a comprehensive review and analysis of all the major information technology areas recommended by the FFIEC and require financial institution to:

  • Identify all current and foreseeable risks and vulnerabilities in IT systems and data storage, assess likelihood and impact of threats, and assess sufficiency of controls to mitigate the risks.
  • Design and implement a risk management plan to mitigate those risks
  • Implement process and technical safeguards for consumer data storage and access

E Com Security Solutions provide a SOC 2 Type 2 Report of GLBA Assessment on the security controls aligned with FFIEC guidelines for the testing GLBA requirements.

Address Gaps and Vulnerabilities

Web Application Penetration Testing

In-depth manual application testing to secure your internal or third-party developed applications and APIs.

Web Application and API Service Scanning

Identify, prioritize and remediate vulnerabilities across mission critical Web Applications and API’s.

Source Code Security Assessment

On demand managed static / source code vulnerability analysis to help developers build secure software.

Mobile App Security Assessment

On demand cloud based mobile app security assessment from device to network communications to server.

Vulnerability Management

Cloud based solution to identify vulnerabilities in systems, network devices, applications and databases on the network.

Network Penetration testing

Expert based attack simulation to exploit vulnerabilities in systems, network devices, applications and databases on the network.

Firewall config Review

Gain visibility on configuration and access lists to secure, optimize and comply with regulations.

Cloud Security Assessment

Identify security risks in all stages of cloud deployments from initial evaluation and architecture to ongoing assessments and testing.

Resources

For privacy reasons YouTube needs your permission to be loaded.
For privacy reasons YouTube needs your permission to be loaded.
For privacy reasons YouTube needs your permission to be loaded.