Latest Tweets

Barclays is the first bank to use voice authentication in call centers via @BankTechNews in this BTC http://t.co/5Ah8u2PfGA

Visit Wolf & hear Jerry Gagne discuss DDoS Attacks 1-2 at @NYbankers #TCRM13 http://t.co/mDTmavNUaX

At NH Bankers Assoc's Annual Compliance Conference? See Wolf's @mattputvinski discuss 3rd Party Payment Processors this morning!

  Follow us on Twitter

  Visit us on LinkedIn

  Like us on Facebook

Banking Technology Connections: May 1, 2012

May 1, 2012


Welcome to Banking Technology Connections. The goal of the newsletter is to communicate recent trends and issues facing Banking Technology Professionals. If you would like to subscribe to this newsletter and receive it via email please contact Laura Lozada at llozada@wolfandco.com.

Sonny Handan: On Virtualization
Our Firm recently hosted a training on "Security and Auditing a Virtualized Environment".  This week-long class was attended Wolf's entire IT Assurance group as well as some of our clients.

One of the major "takeaways" which was continuously repeated during the training was that the virtual host needs to be protected at all cost.  The main concept of virtualization is the ability to run multiple machines while only using a single host. Needless to say, if the main host is compromised, it is very possible to take down the client servers within that host.

Another "takeaway" called for a layered approach to security, which not only involves firewalls, IDS/IPS system and antivirus solutions, but also entails using separate virtual local networks (vlans) in order to isolate and protect virtual environments.  In this instance, vlans would only be used for single purpose, e.g., Management vlan, server guest traffic vlan, backup vlan.

Other important topics discussed throughout the training included proper user access and administration, backup and disaster recovery solutions, resource management and usage, as well as monitoring, logging and alerting.

While virtualization has many advantages, it's important to be aware of the measures you should take to ensure your security is not compromised.  Please feel free to contact me if you have any questions about your own virtual environment at shandan@wolfandco.com.  

The first Tuesday of each month we will feature comments from our professionals on topical issues. Our first contributor is Sonny Handan who is a Senior Auditor in the IT Assurance Services group. He can be reached at shandan@wolfandco.com.

Interesting Articles of the Week
Did you check your machines? FBI Steps Up 'Internet Doomsday' Awareness Malware Campaign (Via @mattputvinski)

Banks Can't Afford to Be Afraid of Social Media (Via @banktech)

Fake Email Trick aims to Redirect Users to Malicious websites (Via @mbenlakhoua)

Banks May Not Be Able to Resist Bring Your Own Device (Via @banktech)

Do you have an article that you would like to share with the group?  Let us know and we will add it to the list! Did you miss a newsletter? Check out past newsletters here.

Upcoming Events
5/8/12 (Webinar)
Wolf & Company: Social Engineering: Security Goes Beyond Technology
(Speaker: Ryan Rodrigue)

5/9/12 (Rocky Hill, CT)
ISACA CT: Open for Business, Closed For Hackers: Challenges and solutions for End User Training and Compliance

5/11/12 (Cromwell, CT)
CT Bankers Association: IT Audit Training - Session I
(Speaker: Pat King)

5/15/12 (Waltham, MA)
ISACA / ISSA: May 2012 Joint Meeting

5/22/12 (Newport, RI)
ISACA RI: Annual Meeting and Seminar

5/23/12 (NYC)
ISACA NY: Network Audit and Security

5/23/12 (Westborough, MA)
Wolf CEO & Board University
As part of our ongoing commitment to contribute to the education of the industry's leaders, Wolf & Company is presenting our CEO & Board University Program. This timely program, originally created exclusively for our clients, is now open to the Boards of all local Community Institutions. Please pass on to whomever you feel may be interested.

6/6/12 (Saratoga Springs, NY)
NY Bankers Association: 9th Annual Technology, Compliance & Risk Management Forum

6/7/12 (Boxborough, MA)
MA Bankers Association: Bank Technology Conference

6/8/12 (Cromwell, CT)
CT Bankers Association: IT Audit Training - Session II
(Speaker: Will Nowik)

6/12/12 (Boston, MA)
ISACA NE: Annual Meeting and Full Day Training

6/15/12 (Marlborough, MA)
MA Bankers Association: Risk Managers Forums Session 2

Do you have an event that you would like to share with the group?  Let us know and we will add it to the list!

Questions?  Interested in learning more about Wolf's IT Assurance and Security services?
Please contact Matthew J. Putvinski, CPA, CISA, CISSP, Member of the Firm and Director of IT Assurance and Security services, at (617) 428-5479 or mputvinski@wolfandco.com.

If you would like to subscribe to this newsletter and receive it via email please contact Laura Lozada at llozada@wolfandco.com.

View more insights »


Your Contact

News view all