NYSE Blue Security Concerns for Offset Registries

Slides:

Advertisements

Similar presentations

© fedict All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.

Advertisements

Installation & User Guide

Module 4: System Maintenance Intuit Financial Services University Internet Banking Certification Training.

Janice Kephart Director of National Security Policy, Center for Immigration Studies Heritage Foundation July 14, 2009.

GETTING STARTED WITH LFM Welcome to the Professional’s Approach to Indexed Annuities Presented by: LFM Fixed Strategies Insurance Services Florian Spinello.

BANK WIZARD Bank account verification Presented by: Aidan Sparrowhawk Date: 18 th September 2007.

Anti-Money Laundering (AML)

First Practice - Information Security Management System Implementation and ISO Certification.

Know Your Client Information System 1. Central KYC Organization (CKO) Introduction  Presently, a t the time of opening of new client account, capital.

1. 2 ECRF survey - Electronic signature Mr Yves Gonner Luxembourg, June 12, 2009.

Deutsche Woche 2014, St. Petersburg, Alexander Mosyagin Deputy Chairman of Commerzbank (Eurasija) SAO Latest developments in Russian anti-money.

NAMS Account Activation Training. 2 What is NAMS? The NASA Account Management System is NASA’s centralized process for requesting and maintaining accounts.

Planning an Audit The Audit Process consists of the following phases:

Landlord Utility Services Work Instructions. To enter the portal, simply enter your assigned User ID and Password, provided by Consumers Energy. Log In.

2 1.Client protection principles 2.Principle #6 in practice 3.Two components of protecting client data 4.Participant feedback 5.Practitioner lessons and.

Switch off your Mobiles Phones or Change Profile to Silent Mode.

2010 Test Security 2011 Campus Test Coordinator Training Test Security January 26, 2011 Freeport Intermediate school.

© NYSE Blue. All Rights Reserved. NYSE Blue Security Concerns for Offset Registries July 26, 2011.

CHAPTER 5 In this world nothing can be said to be certain, except death and taxes. Benjamin Franklin.

September 23, 2015 Sacramento, CA Zhang Xiaoguang Sinocarbon Innovation & Investment Co.,Ltd. T ITLE ADMINISTRATION OF REGISTRY IN CHINA W ORKSHOP “B UILDING.

Red Flag Training IDENTITY THEFT PREVENTION PROGRAM OVERVIEW AUTOMOTIVE.

Chuck Seidler California Air Resources Board September 2015.

BobcatBUY Frequently Asked Questions Procure to Pay Services Updated 2/1/2012 Table of Contents.

ANTI-MONEY LAUNDERING COMPLIANCE PROGRAM FCM TRAINING

 The mission of the Human Resources Department is to safeguard the employee’s best interest, as they are Garrison’s most valuable asset, and without.

© Experian Limited All rights reserved. Experian and the marks used herein are service marks or registered trademarks of Experian Limited. Other.

OPPORTUNITY BRIEFING.

Academic Year 2014 Spring Academic Year 2014 Spring.

Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.

Access Security IS3230.

Page 1 of 42 To the ETS – Create Client Account & Maintenance Online Training Course Individual accounts (called a Client Account) are subsets of the Site.

Prospective Vendor Orientation. dvrcolorado.com The Mission of the Division of Vocational Rehabilitation (DVR) DVR assists individuals whose disabilities.

Global Field Operations From Vision to Value Cisco Confidential1© 2011 Cisco and/or its affiliates. All rights reserved. Access to PMC Partner Training.

Copyright 2013 Exostar LLC.| All Rights Reserved.| Proprietary and Confidential1 Identity Proofing Service United Technologies Corporation September 26.

Identity Theft: How Vulnerable are you? Ronald J. Leach.

company registration, india trademark registration, trademark attorneys india, patent attorneys india, patent registration india company registration,

Anti Money Laundering Know Your Customer. Anti Money Laundering There is some very strong legislation in force in regard to Anti Money Laundering do’s.

John Robinson Identity Management: Do You Know Who You Are Doing Business With?

To the ETS – Accounts Setup and Preferences Online Training Course

Welcome! To the ETS – Create Client Account & Maintenance

Financial Service Centers of America

Handling Personal Data

Chapter 4 Internal Controls McGraw-Hill/Irwin

Information Destruction; 2017 and beyond!

Cyber Security What’s really going on in ‘Cyber space’ & Why security matters Gary Hibberd Managing Director of Agenci & Cyber Geek

Service Organization Control (SOC)

THE STEPS TO MANAGE THE GRID

When you get caught for Identity Theft

Client Onboarding Process Flow

Draft ETSI TS Annex C Presented by Michał Tabor for PSD2 Workshop

The new data protection rules

© 2017 Universal Service Administrative Co.

What is Machine to Machine (M2M) communication?

Subject Access Request Online Form

Legal Framework for Civil Registration, Vital Statistics

County HIPAA Review All Rights Reserved 2002.

Preschool Promise Eligibility Training

Compliance….GlobalSearch……WHAT?!?!

Identity Theft Prevention Program Training

PART II.. PART II. AGENDA- PART II (chapter 5) Identification and client due diligence procedures Reliance on third parties Identification of individuals.

Introduction to Invoicing

To the ETS – Accounts Setup and Preferences Online Training Course

Chinese wall model in the internet Environment

Colorado “Protections For Consumer Data Privacy” Law

Employee Cybersecurity Program

Session 1 – Introduction to Information Security

Getting the Green Light on the Red Flags Rule

New Police Vetting Requirements

Access Procedure By Gilt Account Holders to Web-Based NDS-OM System

Presentation transcript:

NYSE Blue Security Concerns for Offset Registries July 26, 2011 © NYSE Blue. All Rights Reserved.

Security Framework for an Offset Program Registry Technology Know Your Client Procedures Program Legal & Operational Rules Training on User Best Practices Thank you Joel and good morning everyone; I just want to take a moment to congratulate Joel, Gary, and the whole CAR team for the recognition they’ve gotten over the course of the last few months. Having worked with this wonderful group of people for now over 3 years ….. I can tell you they deserve the appreciation! When Joel called and asked me to speak about registry security….I had 2 reactions.. 1. oh boy, how am I going to make this one interesting! 2. with my luck there will be a hacker in the audience who makes it his life mission to prove me wrong But seriously,there is a good story to tell about the security framework CAR has in place. That’s because long before the European issues broke….well over 2 years ago, Car was committed to working with then APX / NYSE Blue in creating a rigorous security framework for the registry. Since carbon is essentially unregulated, this security framework is not just about technology. -- although that is certainly important There are no regulators involved so CAR needs to include It also includes: know your client procedures, … proper operating rules;.. And informing users about best practices in using the registries. All of these things play an integrated role

Registry Technology Encrypted connection (HTTPS) Disable user ID upon 3 incorrect logins Ongoing vulnerability testing for registry Later this year, introduction of two-factor authentication

Know Your Client Procedures Identify clients and ascertain relevant information about their businesses Request copies of documents confirming identity of legal entity organization documents, memorandum of incorporation, bank accounts, utility bills Become familiar with the principals and ask for identification documents such as drivers license, passports, and birth certificates Review marketing materials and business plan Perform OFAC / AML checks to ensure entities not found on Terrorist Watch lists. Monitor activity to ensure it matches the company profile

Program Legal & Operational Rules Omnibus accounts Only a regulated entity can maintain an omnibus account (and these regulated entities must show proof of proper KYC procedures) Certain unregulated entities can be given the ability to maintain omnibus accounts Retail Marketers Retirement of greater than 99 credits on behalf of a client must be done in an specific client sub-account Retirement of greater than 99k credits on behalf of a client must be made public

Registry User Best Practices Use latest anti-virus protection programs Update contact information for users/logins to their account Perform weekly/monthly account reviews to ensure data is correct Users should not access The Reserve from public locations where others could capture their confidential information. Users should pay close attention to the registry notifications for transfer confirmations.