Finosec Official Blog

Safeguarding Your Assets: Preventing Privilege Creep

Beth Sumner posted in Cybersecurity, system map, self assessment, User Access, User Access Reporting, training, preparedness, Risk Assessment, information security, Risk, Risk Review, infosec

0 Comments

Today, we’re delving into an essential topic that affects both the security and the integrity of your digital assets: privilege creep. In this blog, we’ll explore the potential risks, and provide you with actionable strategies to prevent this sneaky threat from undermining your cybersecurity efforts.

Read More

5 Steps For User Access Review Best Practices

FINOSEC posted in User Access, User Access Reporting, preparedness, Risk Assessment, information security, System Inventory, Risk Review, infosec

0 Comments

User Access Reviews (UAR) are crucial for financial institutions, examiners and auditors are focusing on them, and best practices mandate managing to least privilege.   However, the process can be complicated and time-consuming. This is why it's important to standardize and simplify the process as much as possible. Our User Access Review Best Practices white paper outlines five steps to help you achieve this. 

Read More

Step 5 – User Access Review Best Practices: Increase Maturity

FINOSEC posted in Cybersecurity, Innovation, Banking, User Access, User Access Reporting, infosec

0 Comments

Read More

Step 4 – User Access Review Best Practices: Review System Access and Permissions

FINOSEC posted in Innovation, Fintech, User Access, User Access Reporting, information security, infosec

0 Comments

Step Four in the FINOSEC user access review best practice series is to ensure users who have access to your systems have legitimate duties that justify not only access but their specific permissions for those systems.

Read More

Step 3 - User Access Review Best Practices: Risk Rate Systems & Access

FINOSEC posted in Innovation, User Access, User Access Reporting, information security, infosec

0 Comments

Step Three in the FINOSEC user access review best practices series is to rate and prioritize the system risks you identified as the most important systems in Step Two of the UAR Best Practices and align those with the access permissions required.

Read More

User Access Review Best Practices: Step 2 - Start With The Most Important

FINOSEC posted in Cybersecurity, Innovation, Fintech, Banking, community banking, User Access, User Access Reporting, Information Security Officer, Cyber

0 Comments

We learned about the importance of a System Map in Step One: Building the Foundation, last week.

This week, we are discussing Step 2 – Start with the Most Important. In this critical step in the user access review process, you will identify the most important systems by identifying the high-risk activities each system performs.

Read More

User Access Review Best Practices:            Step 1 - Building the Foundation

FINOSEC posted in Cybersecurity, Innovation, User Access, User Access Reporting, information security, infosec

0 Comments

Let’s acknowledge a few things at the start.

  1. User access reviews (UAR) are important, and increasingly so.

  2. Examiners expect you to complete them regularly.

  3. They’re a crucial element of your overall cybersecurity program.

  4. They’re complicated and they take time.

Read More

User access reviews are (not) hard and (don’t have to) take too much time!

FINOSEC posted in Cybersecurity, Innovation, community banking, User Access, User Access Reporting, information security, Information Security Officer, infosec

0 Comments

Do you believe the full title? Or do you believe the parenthetic comments are a better descriptor? Here’s a simple and universal truth of the human condition: we tend to avoid tasks we think will be hard. Or complicated. Or time consuming. Or all three!

Read More

FINOSEC’s technology-based pain reliever for your user access reviews

FINOSEC posted in Cybersecurity, Innovation, What's New, Latest News, Banking, community banking, User Access, User Access Reporting, information security, infosec

0 Comments

Financial institutions have long viewed user access reviews as a double edged sword. On one hand, regulators require them. They’re a crucial component in managing to least privilege. But they’re a challenge to conduct on a regular schedule. And if you have to rely on legacy technology and outdated manual processes, the frustrations can compound logarithmically.

But you don’t need to be stuck in the past. Help is on the way.

Read More

User access reviews are a nuisance. Not!

FINOSEC posted in Cybersecurity, User Access, User Access Reporting, information security, frequency, infosec

0 Comments

User access reviews are important. They also tend to be a complex, time-consuming task. When you add the regulatory and cybersecurity insurance expectations about these reviews and how often they really should be completed, it gets worse. Finally, to complete the picture, you may have to rely on legacy systems or tedious manual processes. It all adds up to one big “ouch.”

Read More