Global Digital Forensics Announces the Restructuring of its Vendor Security Review Service for Financial Firms

Share Article

With regulatory compliance, client privacy, firm integrity and public reputation all on the line, it has never been more important for financial institutions to know how protected they are when outside vendors are granted access to sensitive information. Even if point A and point B are safe, what about the road between them?

News Image
Even the largest and most technologically savvy institutions have fallen victim to cyber incidents and data breaches, so blind trust should never be the first and last line of defense.

Global Digital Forensics, Inc., has restructured its vendor auditing process to include a diverse offering of services designed to allow financial firms to review, audit and test their internal systems and applications in order to ensure data shared between the entities is maintained to their security standards. This service, while using PCI (Payment Card Industry) certified ASVs (Approved Scanning Vendors) and GDF's proprietary software and methods, is not designed to replace PCI compliance, it is designed to identify gaps in security between entities and their vendors and ensure the vendors’ policies and procedures are in line with theirs.

For example, an organization may use outsourced HR, benefits or legal billing vendors that are entrusted with employee data, or other sensitive information that is out of their direct control. In order to ensure vendors are compliant, organization’s can leverage GDF's experience, technology and partnerships to identify and remediate issues with vendors and partners, including public application security, perimeter security, internal controls and a variety of other critical security points which could put you data at risk.

There is a lot to consider. Maybe it’s an issue encryption would solve. Maybe there is a weak link in the routing, or possibly a lack of hardened security on the vendor side. If there is one lesson that should be crystal clear, it is that when information leaves an entity’s control, the possibility of being exploited is also being taken out of their hands. But the consequences will affect that entity none the less, both from a financial and public perception standpoint. Global Digital Forensics specialists will look at the big picture, focus in on potential problem areas, report the deficiencies to the client and offer remediation steps to rectify them.

An Interconnected World Means Interconnected Risk

Take the recent hack of Dropbox, a free online storage company. They were hacked and user email addresses and passwords were pilfered. Email addresses and passwords for a free vendor may not sound like a big deal, but since many people use the same passwords for multiple logins, who knows what kind of access a clever hacker could achieve from this haul, not to mention the fact that any kind of personal information can be used to craft very convincing spear phishing emails which could then in turn be used as the key to open the dreaded Pandora’s Box any financial firm fears, access to their internal network, by making it convincing enough to prompt interaction, be it a click of a link, or tempting the victim to open a malicious attachment.

Even the largest and most technologically savvy institutions have fallen victim to cyber incidents and data breaches, so blind trust should never be the first and last line of defense. And if the unthinkable were to happen and a breach does occur, Global Digital Forensics can effortlessly transition to an emergency response solution to stem the bleeding and mitigate the damage of an intrusion or breach before things spiral completely out of control.

For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical when a breach has occurred, so don’t hesitate to get help if an incident has already happened. For more information, you can also visit [http://www.evestigate.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Aris Demos
Visit website