Good, Bad and Ugly of the New FFIEC Guidance on Banking Security
The recent release of the Federal Financial Institutions Examination Council (FFIEC) guidance on online banking security was released to a sigh of relief from many in the security industry after little official leadership from the branch of the FDIC beyond its 2005 guidance specifying two-factor authentication requirements for online banking environments. While this is a big step forward, many experts believe the new update still may not be ideal. One of these is Avivah Litan, an analyst with Gartner who specializes in anti-fraud technology within the banking industry. She recently laid out some of her commendations and criticisms for the new document out from the Feds.