The Federal Financial Institutions Examination Council (FFIEC) updated its Authentication Guidance in August 2021, which aims to standardize and enhance security measures for financial institutions. We are seeing a focus on these areas during exams and audits, and understanding these new guidelines is crucial for compliance and risk management.

Today, we’re delving into an essential topic that affects both the security and the integrity of your digital assets: privilege creep. In this blog, we’ll explore the potential risks, and provide you with actionable strategies to prevent this sneaky threat from undermining your cybersecurity efforts.

User Access Reviews (UAR) are crucial for financial institutions, examiners and auditors are focusing on them, and best practices mandate managing to least privilege.   However, the process can be complicated and time-consuming. This is why it's important to standardize and simplify the process as much as possible. Our User Access Review Best Practices white paper outlines five steps to help you achieve this. 

Understanding examiner expectations and knowing how to train your team and board on information security is important. You and your team need to know where the risks are and where regulators are focused based on those risks.