Gramm-Leach-Bliley Act (GLBA)

Ensuring Network Health and Security Monitoring for Financial Services Firms in the United States

The Gramm-Leach-Bliley Act (GLBA) mandates that every financial institution, whether it publishes non-public information or not, have a policy in place to protect that information from foreseeable threats to security and data integrity. In particular, the Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company is prepared to protect clients’ nonpublic personal information and how it plans to continue doing so. This plan would include a thorough risk assessment of all departments dealing with non-public information, as well as developing, monitoring, testing and adapting information controls to secure such data.

With non-public financial information being used, stored and transmitted within the IT environment, network security and health monitoring are crucial to maintaining the desired levels of data protection and safeguards. Both the WhatsUp family of Log Management solutions and the WhatsUp Gold family of infrastructure and applications monitoring and management products offer support for maintaining the security of non-public information as mandated by the GLBA. Some illustrative examples of how each of these product families offers compliance support for GLBA are provided below:

WhatsUp Log Management:

  • Comprehensive collection and storage of user and system activity across all infrastructure that is involved in non-public information data processing, transmission and storage
  • Real-time views of event log data enabling spot check audit and analysis to validate that adequate compliance processes are in place
  • Identification of network security threats or compromised access to non-public information through automated filtering, correlation and analysis of detailed event log data from multiple sources
  • Immediate alert generation and notification when potential threat patterns are identified by the administrator to enable appropriate security incident response
  • Forensic analysis of stored event log data to support GLBA compliance audits and breach investigations

WhatsUp Gold Infrastructure and Application Management:

  • Single platform coverage of all infrastructure components supporting non-public information processing, transmission and storage for better correlation and insight
  • Monitoring of all access points on the network (physical and wireless) to prevent unauthorized connections
  • Identification of internal (e.g. after a virus intrusion) or external (e.g. denial of service) attacks and initiation of problem triage
  • Maintaining the health of infrastructure and application assets and ensuring access to data and management information as required