Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: JAMES RITCHIE (james_ritchiesbcglobal.net)
Date: Fri Apr 17 2009 - 12:41:08 CDT
Standardization has come to the financial sector. The Safety and Soundness review is based off of the following guidance.
FDIC banks, NCUA, Savings and loans, and other now all follow the guidance above and have for the last couple of years.
CISA, CISSP, PCI-QSA, MCSE, MCP+I, M-CIW-D, CIW-CI, Inet+, Network+, A+
Bristol CT 06010
From: Pia Sachs-Donerkiel <sachsNEFCU.com>
To: "datalossdatalossdb.org" <datalossdatalossdb.org>
Sent: Friday, April 17, 2009 9:56:04 AM
Subject: Re: [Dataloss] Banking and state regulations regarding the transmission of banking routing/account information
Well, it’s not Banking Reg, but I am sure FDIC has something similar to BCUA:
Credit Union member information security requirements, for federal credit unions, is spelled out in section 748 of NCUA’s Rules and Regulations.
Section iii Development and implementation of member information security program; part C ;Manage and control risk paragraph (c) of part 748 states:
Each Credit Union shall employ encryption of electronic member information, including while in transit or in storage on networks or systems to which unauthorized individuals may have access.
Payment Services Supervisor
New England Federal Credit Union
From:dataloss-bouncesdatalossdb.org [mailto:dataloss-bouncesdatalossdb.org] On Behalf Of fzbrick
Sent: Thursday, April 16, 2009 4:02 PM
Subject: [Dataloss] Banking and state regulations regarding the transmission of banking routing/account information
Is anyone aware of written regulations regarding how bank routing and account information should be transmitted over the internet?
Intuitively, it needs to be encrypted, however what seems clear to others isn't to others. I need a banking regulation, federal law, or banking requirement that says
"Bank Routing and Account information shall be encrypted".
Sorry, I am dealing with difficult people, who will not believe me, and need it spelled out to them in near comic book form.
Confidentiality Notice: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential & privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact sender by reply email & destroy all copies of the original message. To protect your privacy, we have removed personal and account information (such as member number, etc.) from the email being returned to you, and we advise you not to include confidential information if you respond to this email.
Dataloss Mailing List (datalossdatalossdb.org)
CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently
across your enterprise to ensure regulatory compliance.