
Presentation transcript:

Step 1:
A. User enters id/pw for FI: encrypted in Quicken PIN vault
B. Id/pw transmitted to Intuit CustomerCentral Servers at NCR using 128-bit SSL

Step 2:
A. Credentials stored in CC database using 3DES.
B. Credentials transmitted to bank web site using 128-bit SSL.

Step 3:
A. Bank QFX files transmitted to CC server using 128-bit SSL
B. Logoff bank site.

Step 4:
A. QFX file received from bank, stored in database. Account number encrypted with 3DES.
B. EWC data transmitted to Quicken, 128-bit SSL

Step 5:
A. Data received from Intuit Servers, stored in Quicken.

NCR at a Glance
- 100+ year old company
- $5.9B in revenues
- 32,800 employees worldwide
- $2.9B in services revenue
- Nearly 20,000 service professionals

NCR Executive Committee
- Retail and Financial Group
- Americas/Europe/Asia-Pacific/Japan
- Retail Solutions Division
- Financial Solutions Division
- Teradata Division
- Worldwide Customer Services Division
- Systemedia Division

NCR eCommerce Facts
- Business startup in 1997
- >40% compounded annual growth rate
- eCommerce Solutions Across All Industries, with focus on Finance Industry
  - 140 banks hosted in data center
- Deploy eCommerce Managed Solutions In-House or Outsource
- (2) eCommerce Data Centers (Columbia, MD; Columbia, SC)
- (1) Disaster Recovery Hot Site (Dayton, OH)

Secure, High Availability Data Center: “IT Managed Services”
[Diagram labels: PLANT POWER; eCommerce Data Centers; Diesel Generator Backup; Battery Room -- UPS; Command Center - Monitoring - Bandwidth - Data Communications; PING]

NCR Secure, High Availability, Hosting
Data Center Infrastructure Services

Hosting Availability + Security
- High Availability
- UPS and Diesel Generator
- Redundant Environmental Controls
- Card Access Security
- Security Cameras
- Smoke and Water Detection
- Fire Suppression
- Redundant Power Grids
- Dual Fiber Optic Rings

Financial Institution Experience
- Currently hosting over 130 internet Banking sites, including 4 top 50
- Same data center as 300 bank core systems

NCR Personnel Expertise
- 24x7x365 Management of Hosted Applications
- OS Management to Include Teradata/Windows/Linux/Unix
- Certified OS Engineers
- Security and Network Consultants
- Database Administrators
- Certified Router and Firewall Consultants

Security and Compliance
- Vulnerability Assessments and Penetration Scans
- Internal and External Intrusion Detection
- Monthly Executive Summary Security Reporting
- Security Fraud Detection Service
- Annual SAS 70 Type II Certification
- FFIEC, OTS, OCC Compliance and Annual Review

NCR eCommerce Security
- Redundant Checkpoint Firewall Configuration
- RealSecure Intrusion Detection Solution from ISS
- Monthly Third Party Security Consulting
- Annual Vulnerability Assessments
- Quarterly Penetration Scans
- Charter Membership in Infragard

NCR is constantly monitoring its adherence to best practices and subjecting itself to the most stringent third-party audits available. For example, each year in addition to NCR corporate audits, an independent auditing company performs a SAS 70 Level 2 audit of the NCR eCommerce Data Center. NCR is also audited by the Federal Financial Institutions Examination Council (FFIEC). This interagency body is comprised of the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC) and the Office of Thrift Supervision (OTS). It is this commitment to excellence which sets NCR apart when it comes to secure hosting and outsource services.