Good, Bad and Ugly of the New FFIEC Guidance on Banking Security

  • By

    Ericka Chickowski

No Title
THE GOODLayered security in favor of just authenticationGartner's Litan thought it great that the document made it clear "that virtually every authentication technique can be compromised." She believes the FFIEC's emphasis on urging banks to implement layered security is a big improvement.
The recent release of the Federal Financial Institutions Examination Council (FFIEC) guidance on online banking security was released to a sigh of relief from many in the security industry after little official leadership from the branch of the FDIC beyond its 2005 guidance specifying two-factor authentication requirements for online banking environments. While this is a big step forward, many experts believe the new update still may not be ideal. One of these is Avivah Litan, an analyst with Gartner who specializes in anti-fraud technology within the banking industry. She recently laid out some of her commendations and criticisms for the new document out from the Feds.
This article was originally published on 2011-07-20