How do the U. S. federal and state compliance laws affect the given problem and influence the solutions taken by the company? It affects the given problem because the company is a financial Institute as in with this financial Institute and all financial Institutes it must be in compliance and meet the requirements of the Federal information processing standards(FIPS) 140-2 The FIPS 140-2 certification is important Because the company handles sensitive data and it requires encryption.
Any form of encryption, it will likely require validation against the FIPS 140 criteria by the Cryptographic Module Validation Program (CMVP) run jointly by NIST in the United States and CSE in Canada any solution to the given problem must be influenced by all federal and state compliance laws. All financial institutions must also be in compliance with (ATTUS Technologies, Inc. )” The Gramm-Leach-Bliley Act (GLBA) was created to protect consumers’ personal financial information held by institutions.
What is key to understand with GLBA compliance, and successfully passing a GLBA risk assessment, is that to truly meet the requirements a financial institution must not only show proof of the presence of controls needed that are regulated but you also need to show auditors the actual presence of the controls that are mandated. GLBA compliance equals having systems and safeguards in place to protect customer data.
Information security programs must be established that not only maintain confidentiality of sensitive information, but protect the entire infrastructure against threats and data breaches”. To be to ensure the the financial records and personal data of our customers is safe ABS – TXR mobility Guardian was chosen for the encryption of sensitive data and hardware ABS – TXR will encrypt file and folder and full disk ABS – TXR mobility Guardian is in full compliance with FIPS 140 – 2 so this solution takes care of both our needs and the federal government’s compliance regulations.
I know the cost of becoming FIPS 140 – two compliant is not cheap but The cost of becoming compliant far outweighs the cost of of the company not being compliant think of it like this what is the cost of a laptop versus the loss of information on the laptop what is the cost to the company’s reputation if sensitive data is leaked the loss of customers and business could be devastating by becoming FIPS 140 – 2 compliant the company is saving unknown amounts of potential losses due to lost data.
As a customer myself I know that my money will be safe and my personal information will be safeguarded by this Institute because they are in compliance with the federal government. Also as a customer I like to be able to easily access my account using the ABS – TXR solution this can easily be accomplished.
References FIPS 140-2 Overview. (n. d. ). Rycombe Consulting – IT Security Certification. Retrieved from http://www. rycombe. com/short140. htm GLBA Compliance – Gramm Leach Bliley Act Compliance. (n. d. ). ATTUS Technologies Home Page. Retrieved from http://www. attustech. com/glba/glba-compliance. aspx? pi_ad_id=11177113505&_kk=glba%20compliance&_kt=4a13db1a-f9db-4a1f-abef-6c38541fc5e2&gclid=CJKbid-IxrICFWjhQgodp0wAsw