CoNetrix tandem Internet Banking Security Program
On June 28, 2011, the FFIEC issued a supplement to the Authentication in an Internet Banking Environment guidance released in October 2005. The purpose of the supplement is to reinforce the guidance's risk-management framework and update the Agencies' expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online banking environment.
The CoNetrix tandem Internet Banking Security Program aids in the compliance process by guiding financial institutions through the risk assessment and providing security awareness and education for customers. Developed by security and compliance experts, the program is divided into two components:
- The Internet Banking Risk Assessment features an easy step-by-step process with a questionnaire to identify risk levels and help assign layered controls to mitigate risk. Individual risk assessments can be created for different types of accounts (e.g., retail or commercial accounts).
- The Customer Education/Awareness Program provides financial institutions with tools to deliver education and security awareness to their customers.
The secure online portal allows users to create and manage their unique programs from any computer with an Internet connection. Responsibilities can be assigned to multiple users, who can each log in and complete various tasks.
The tandem Internet Banking Security Program is the latest module in the CoNetrix tandem Security and Compliance software suite, which currently serves more than 450 financial institutions, with over 9,500 active users in over 40 states. Other modules include information security risk assessment, policies, vendor management and business continuity planning.
This online banking security program merits an Innovative Solution Award based on its:
1. Ability to save financial institutions time and money with a ready-to-go solution.
2. Framework developed and updated by security and compliance experts.
3. Secure online portal with multi-user access and optional multi-factor authentication.
4. Generation of downloadable documents in Microsoft Word and/or Adobe PDF formats.