The Federal Financial Institutions Examination Council (FFIEC) is a body that provides uniform principals, and standards for federal examination of financial institutions.
FFIEC calls for quarterly review of firewall policy that includes rules and policy audit or review. CyanLine offers a cost effective, in-depth firewall analysis package that denotes significant network additions, or modifications in accordance with NIST, PCI, and HIPPA/HITECH.
CyanLine’s regulatory compliance experts perform a firewall audit that does the following.
- Identify methods to reduce your vulnerabilities
- Secure systems to ensure firewall is hardened and working properly
- Verify rule sets and policies on ingress and egress points.
- Review the attack vectors where someone with malicious intent may attack the firewall
- Conduct employee interviews with those who have administrative access to the firewall.
What Specific Organizations Benefit from CyanLine’s FFIEC Compliant Firewall Analysis?
Any organization that is required to comply with FFIEC/GLBA, PCI, SOX, and HIPPA/HITECH. These organizations include:
- State member banks
- Bank holding companies
- Savings and loan holding companies
- Non bank subsidiaries of bank holding companies and of savings and loan holding companies
- Edge Act and agreement corporations
- Branches and agencies of foreign banking organizations operating in the United States and their parent banks
What is CyanLine’s FFIEC Compliance Process?
- The customer registers an account via our website. This is to ensure organization of information CyanLine provides to perform the analysis on the configuration files you provide to us, and ease of use for the customer to download the report.
- Each customer receives a 25 MB file upload quota, where the customer may securely upload firewall configuration files directly to the CyanLine team. You will receive a confirmation email as soon as you upload the files. The CyanLine team will also receive a notification.
- From this point, the CyanLine team will begin analyzing your configuration files.
What Can I Expect When CyanLine is Finished With The Review?
When CyanLine’s analysis is complete, we will provide a high level report. CyanLine’s report will include recommendations to not only improve your firewall rules, but also VPN configurations, management interfaces, and password requirements to maintain FFIEC compliance.
What Security Precautions Are Taken To Protect My Files?
CyanLine is first and foremost a very respected cybersecurity company that has been in business since 2004. We take the confidentiality and privacy of your information very seriously. There are numerous steps CyanLine has taken to protect the integrity of your files.
- This entire website is protected with a SSL certificate. That means that any information transmitted to and from this platform is encrypted.
- Restricted permissions on each directory that a customer uploads to is restricted to that user only. That mean’s you can only view, and download your own files.
- Website crawling is restricted. Normally, if a website is crawled, a malicious attacker could enumerate files within certain directories. Even if somehow a link to your file was discovered, it’s still restricted. That is taken care of by directory, and user permissions.
- CyanLine ensures a strong password is used by every customer that signs up with us on our website.
- Each user is forced to authenticate when anything is to be downloaded from our website.
- Two factor (2FA) option available for all CyanLine customers.
How To Get Started
CyanLine has made it very easy to get started. We have a highly secure customer portal for our customers to upload their configurations to the website for us to see. Once uploaded, our experts get notified and begin working on your project straight away. The average turnaround time for a single configuration set is less than one business day.
To get started. Register an account with us here.
Our experts will make contact with you to enable you for FFIEC Compliance access to the platform, which enables you to upload your files directly to us.