Mobile Security and the FFIEC: Going Mobile, Not Nuts!
Click here for a PDF registration brochure
Those of us who think we’re not “doing mobile banking” should go out to your bank’s website from a cell phone.
Whether we want to or not, the banking industry is going mobile. Even if we have managed to delay our deployment of mobile banking and got away with it, we still have users connecting to bank sites via their smart phones, board members with iPads, managers connecting to our vpns via wireless access points at home, and even auditors wanting to ride a wireless network out of our banks. We have no choice but to create a mobile security posture that addresses:
- Risk Assessments
- Mobile Banking Risks (both customer and bank centric)
- Portable Device Deployment
- BYOD and other Data Loss Acceptances
- Wireless Networking Risks
This posture should be the starting point of a long term strategy to create governance tools to manage the risks arising from mobility. The tools need to include policies, procedures, audit processes, configuration standards, training, and signoff forms (and agreements.)
- The Branchless Bank
- Mobile Risk: The threats, the assets, the vulnerabilities, and the future!
- FFIEC Requirements related to Mobile Security
- Conducting a risk assessment for:
- Mobile Banking and SMS Banking Apps
- Bank-issued portable devices (laptops, cell phones, smart phones, tablets, etc.)
- BYOD (Employee-owned Devices)
- Wireless Access Points in the Branch
- Wireless Access Points in the Home
- User Policies and Procedures
- Mobile Device Audit Practices
- Configuration Standards Development
- Mobile Device Management
- Exchange ActiveSync
- A rundown of five MDM Providers
- What are other banks doing?
- Free access to our Mobile Security Kit ($495 value)
- Drill-down Risk Assessment Tools
- BYOD Policies, User Agreement Templates, Audit Checklists
- Branchless Banking Policy, Management Procedures
- Training Comprehension Exercises, Posters, Puzzles, Games, etc.
- Boilerplates and templates to create your own program
Who Should Attend
This compliance workshop is directed to information security officers, compliance personnel, information technology managers, and anyone involved in developing risk responses to the bank’s mobile profile.
Consider Sending More Than One Person!
Technology governance inevitably involves a technical and non-technical component. Banks that send pairs of technical and non-technical representatives with benefit the most from this workshop.
Meet Your Presenter
Prior to founding infotex in 2000 to serve community banks, Dan Hadaway led software development projects, e-commerce application development, & many network installation projects. His first experience in IT governance came in 1984, when a company he co-owned decided to design an enterprise resource planning (ERP) application. He wrote his first Acceptable Use Policy in 1986, and conducted his first Information Technology risk assessment in 1989.
He now works extensively with banks from 26 million to 14 billion on projects ranging from IT Audits to Incident Response to Policy Development. His primary strength is the use of risk management fundamentals to help banks determine where they need to be on the compliance spectrum.
Dan has already helped several banks ranging in size from 50 to 1500 employees develop mobile security strategies. He has been writing and speaking about portable device security for six years now. He speaks regularly at various conferences, workshops, and webinars. People who have seen Dan speak will say that he has an ability to help non-technical people understand technical issues. Dan also writes regularly (primarily on his blog at http://my.infotex.com/category/infotex-team/dans-new-leaf/. He has been published in Bank Notes, Hoosier Banker, and the ABA’s Compliance Magazine.
The following fees include the program, materials, continental breakfast, lunch & refreshments:
- $155 Each Additional Person From the Same Institution
As of Jan. 1, 1994, only 50 percent of business food and beverage can be deducted. For tax purposes the cost of food and beverage for this program is $25.
8:30 a.m. Registration
9:00 a.m. Program begins
12:00 noon Lunch (included)
1:00 p.m. Program resumes
4:00 p.m. Program adjourns
IBA Center for Professional Development
6925 Parkdale Place
Indianapolis, IN 46254
The IBA Center for Professional Development is located on the westside of Indianapolis just off of I-465. From I-465 take the 38th Street West Exit (Exit 17). When you exit go west on 38th street. Turn north/right onto Eagle Creek Parkway and then east/right onto Parkdale Place. Our address is 6925 Parkdale Place, Indianapolis, IN 46254. Click here for a map and a list of local hotels. Dress is business casual.
Everyone who registers online will receive an e-mail confirmation after the registration is submitted. Within three or more business days prior to the day of an educational program, no cancellation charge will be assessed. Within two days prior, 50% of the fee is assessed. Refunds are not provided for cancellations or absences which occur on the day of the program. Substitutions are welcome at any time.