Reporting a security Incident
- Employees encouraged to report suspicious or unauthorized use of confidential data
- Not always intentional
- Notify security coordinators
- Anonymous reporting
Citrix ShareFile
- Granular File Permissions
- FINRA Compliant
- Office 365 Integration
- User/Client Friendly
- Customizable Document Retention
Abb.: 7
Abb.: 6
(cc) image by anemoneprojectors on Flickr
New Tech
Computer Update Policy
- Security Updates/patches installed on Friday afternoon
- Prompt to reboot or continue working - 3 hours
- Reboot if no response within 1 hour
Advanced Threat Protection
- URL ReWriting
- Attchment Sandboxing
We guarantee you no smoking
IT POLICIES
Traphagen Financial Group
Tech Review
- Minimum 12 characters upper & lower case
- Mix of letters, numbers, special characters
- Should not be guessable personal info, self, pet, children, birthdays etc.
- 90 day reset
- 5 failed logins will lock your account
- Reminded to change password 14 days in advance
- Different passwords for each system/application
- Ways to create/remember in policy doc page 6
- Able to change password through VPN if out of office
Confidential Data Policy
- Encryption
- Secure Work Space
- Removable Media/Secure USB Drives
- Document Shredding
- Physical Destruction of Harddrives/CD's etc.
- Hard Drives Encrypted
Remote Access Policy
- GoToMyPC, citrix, etc. prohibited
- Remote access on company laptops through netextender or personal devices through secure web portal. Https://vpn.tfgllc.com
- Two Factor Authentication. Mobile number generator app
- VPN will time out after 1 hour of inactivity
- Login is same as your network password
Mobile Device Policy:
- Kept out of sight when not in use
- Do not store in cars
- Privacy screens for laptops
- In the event a device is lost stolen or no longer employed - company reserve right to wipe phone
- Prohibited from connecting to free/unsecured wifi
- Encourage phone or jet pack hot spot
- Saving of company data on laptops prohibited
October 22, 2018
THREATS
People are generally
the most significant threat
In the News
Everyone responsible for security
" Confidential Data"
Protect clients information including ss#, FEIN, account numbers, etc.
Review and Monitor Security Program
Security Coordinators
- Chris
- Peter Jr.
- WSITS
- Beware of Emails requesting personal Information
- Don't reply to or click on a link in an unsolicited email asking for personal info.
- When in doubt, log onto the main website address of your bank, CC company or brokerage firm
- Hover over links
Heute
Stetig wachsende Anforderungen
Früher
Einführung des AC´s
- Schriftliche Bewerbung
- Persönliches Gespräch