Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Compliance

02:30 PM
Martha A. Dean, SVP, Operations Officer, Wainwright Bank & Trust Co. (Boston)
Martha A. Dean, SVP, Operations Officer, Wainwright Bank & Trust Co. (Boston)
News
Connect Directly
RSS
E-Mail
50%
50%

Massachusetts Privacy Regulations Are Step in the Right Direction

Banks are well positioned to comply with the regulation due to preexisting measures currently in place for data protection and privacy.

Martha A. Dean
The new Massachusetts security regulation, although well-intended for data protection, may present some challenges to many companies in and out of Massachusetts. Banks are well positioned to comply with the regulation due to the preexisting measures currently in place for data protection and privacy, such as the Gramm-Leach-Bliley Act (GLBA) and other security-related regulatory requirements. Banks currently deploy tools such as virus protection, intrusion detection systems, patch management controls, encryption and firewall rules in order to maintain effective information security controls.

Many companies have or could develop comprehensive security programs consisting of policies, procedures and monitoring efforts. However, it is the encryption standards that may pose a technical challenge faced by many companies. The encryption requirement includes laptops, BlackBerry devices, e-mails, portable devices and more. E-mail encryption solutions alone can be costly and must be well planned for customer acceptance and communication flow.

The intent of the regulation is a step in the right direction to ensure that companies are focused on data security and have an understanding of their network configurations, firewall management, vulnerability testing and remediation, as well as data storage areas. A national standard is probably not too far away based upon the potential risk of compromise on a national level. Overall awareness of information security standards, protective technology, potential threats and effective incident-response activities is good practice on both personal and corporate levels. The dangers are ever-changing, and the ability to protect and defend against such threats is an enormous challenge for everyone.


Massachusetts Privacy Regulations Are Step in the Right Direction
Mass. Privacy Rule Doesn't Translate to National Standard
New Encryption, Vendor Privacy Requirements Good for Banks
Banks Spend in Wrong Privacy Areas

Register for Bank Systems & Technology Newsletters
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.