[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] NEW USA FFIES Guidance

To: "Casey DeBerry" <cdeberry@xxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: RE: [Full-disclosure] NEW USA FFIES Guidance
From: "Madison, Marc" <mmadison@xxxxxxxx>
Date: Thu, 13 Oct 2005 08:22:12 -0500

Did you read the full notice?  This link was at the bottom:
http://www.ffiec.gov/pdf/authentication_guidance.pdf in which the FFIEC
defines several ways to authenticate end users, but as Lyal Collins
pointed out it is all based on your company own risk assessment.


>For those that fall under US FFIEC governance, what are you doing to
satisfy these requirements?  I'd like to
>think I have more options than running to the store to pick up my RSA
keyfobs...  What about PKI?  Are there
>other. options for web based apps?
> 
>http://www.fdic.gov/news/news/financial/2005/fil10305.html
> 
>C. DeBerry

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service
Next by Date: RE: [Full-disclosure] password vaults-
Previous by thread: RE: [Full-disclosure] NEW USA FFIES Guidance
Next by thread: [Full-disclosure] [EEYEB20050510] - Microsoft DirectShow Remote Code Vulnerability
Index(es):
- Date
- Thread