From: JAMES RITCHIE (james_ritchiesbcglobal.net)
Date: Fri Apr 17 2009 - 12:41:08 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Standardization has come to the financial sector. The Safety and Soundness review is based off of the following guidance. http://www.ffiec.gov/ffiecinfobase/html_pages/it_01.html FDIC banks, NCUA, Savings and loans, and other now all follow the guidance above and have for the last couple of years. James Ritchie CISA, CISSP, PCI-QSA, MCSE, MCP+I, M-CIW-D, CIW-CI, Inet+, Network+, A+ http://www.linkedin.com/pub/1/b89/433 Bristol CT 06010 ________________________________ From: Pia Sachs-Donerkiel <sachsNEFCU.com> To: "datalossdatalossdb.org" <datalossdatalossdb.org> Sent: Friday, April 17, 2009 9:56:04 AM Subject: Re: [Dataloss] Banking and state regulations regarding the transmission of banking routing/account information Well, it’s not Banking Reg, but I am sure FDIC has something similar to BCUA: Credit Union member information security requirements, for federal credit unions, is spelled out in section 748 of NCUA’s Rules and Regulations. Section iii Development and implementation of member information security program; part C ;Manage and control risk paragraph (c) of part 748 states: Each Credit Union shall employ encryption of electronic member information, including while in transit or in storage on networks or systems to which unauthorized individuals may have access. Pia Sachs-Donerkiel Payment Services Supervisor New England Federal Credit Union 802-879-8773 802-764-6589 Fax From:dataloss-bouncesdatalossdb.org [mailto:dataloss-bouncesdatalossdb.org] On Behalf Of fzbrick Sent: Thursday, April 16, 2009 4:02 PM To: datalossdatalossdb.org Subject: [Dataloss] Banking and state regulations regarding the transmission of banking routing/account information Hi, Is anyone aware of written regulations regarding how bank routing and account information should be transmitted over the internet? Intuitively, it needs to be encrypted, however what seems clear to others isn't to others. I need a banking regulation, federal law, or banking requirement that says "Bank Routing and Account information shall be encrypted". Sorry, I am dealing with difficult people, who will not believe me, and need it spelled out to them in near comic book form. Thanks ________________________________ Confidentiality Notice: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential & privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact sender by reply email & destroy all copies of the original message. To protect your privacy, we have removed personal and account information (such as member number, etc.) from the email being returned to you, and we advise you not to include confidential information if you respond to this email.

_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]