Privileged Access Management (PAM) - NY DFS Regulation
bert308558
13 slides
Jun 26, 2024
About This Presentation
Within the framework of the NY DFS Cybersecurity Regulation (23 NYCRR 500), the New York Department of Financial Services (NY DFS) has put in place laws pertaining to Privileged Access Management (PAM) and Multi-Factor Authentication (MFA).
Financial institutions operating in New York are mandated by the NY DFS Cybersecurity Regulation to set up and maintain a cybersecurity program aimed at safeguarding the privacy of their customers and the integrity of the financial services sector.
Slide Content
Privileged Access Management (PAM): NY DFS Regulation
Presentation on NY DFS Regulation for PAM and MFA, effective 25 June 2024.
Bert Blevins https://bertblevins.com/
25-06-2024

NY DFS Cybersecurity Regulation Overview
The NY DFS Cybersecurity Regulation (23 NYCRR 500) mandates financial institutions to establish cybersecurity programs. These programs aim to protect customer privacy and financial services sector integrity.
Cybersecurity Program: Establish and maintain a comprehensive cybersecurity program.
Customer Privacy: Protect the confidentiality of customer information.
Sector Integrity: Safeguard the integrity of the financial services sector.

Privileged Access Management (PAM) Requirements
PAM controls are required for managing privileged user access to vital systems and data.
1. Track Accounts: Keep track of privileged accounts.
2. Least Privilege: Apply the principle of least privilege.
3. Regular Evaluation: Evaluate and update access limits regularly.
4. Strong Authentication: Implement strong authentication for privileged users.

Multi-Factor Authentication (MFA) Requirements
MFA is mandated for accessing sensitive data and essential systems. Users must provide two or more types of authentication.
Password: Something the user knows
Device: Something the user has
Biometric: Something the user is

Compliance and Updates
Stay updated on the latest NY DFS Cybersecurity Regulation version and modifications. Regularly check for new recommendations to ensure ongoing compliance.
Monitor: Stay informed about regulatory changes
Update: Adjust policies and procedures as needed
Implement: Apply new requirements to maintain compliance

Importance of NY DFS Regulation
Compliance with NY DFS regulations on PAM and MFA is crucial for financial sector security. It ensures integrity and protects sensitive information.
1. Global Impact: Affects financial institutions operating in New York.
2. Cyber Resilience: Strengthens defenses against cyber threats.
3. Enhanced Security: Improves protection of sensitive financial data.
4. Risk Mitigation: Reduces the likelihood of successful cyberattacks.

Benefits of Compliance
Compliance with NY DFS regulations offers several key benefits to financial institutions.
Compliance Mandates: Meets regulatory requirements and avoids penalties.
Consumer Trust: Builds confidence in the financial services sector.
Cybersecurity Resilience: Strengthens overall security posture against threats.

MFA Key Requirement: Multiple Factors
MFA requires users to provide two or more authentication factors. These factors fall into three categories: knowledge, possession, and inherence.
Category | Example
Knowledge | Password, PIN
Possession | Smartphone, token, smart card
Inherence | Fingerprint, facial recognition

MFA Key Requirement: Factor Diversity
MFA systems should use authentication factors from different categories for enhanced security. Combining factors improves authentication strength compared to using multiple factors from the same category.
Password: Something the user knows
Biometric: Something the user is

MFA Key Requirements: Scalability and User Experience
MFA systems must be scalable and flexible to accommodate various access scenarios. They should prioritize security while maintaining a user-friendly interface.
1. Scalability: Adapt to diverse user populations and access needs.
2. Flexibility: Support multiple authentication methods and scenarios.
3. User-Friendly: Provide clear instructions and minimize authentication latency.

MFA Key Requirements: Integration and Monitoring
MFA solutions should integrate with existing IAM systems and include monitoring features.
1. IAM Integration: Seamlessly integrate with Identity and Access Management systems.
2. Adaptive Authentication: Adjust requirements based on contextual factors.
3. Continuous Monitoring: Monitor authentication activity and alert on suspicious attempts.

MFA Key Requirements: Auditing and Reporting
MFA systems should maintain comprehensive logs of authentication events. Robust auditing and reporting features are essential for compliance and security analysis.
Event Logging: Record timestamps, user IDs, and authentication factors used.
Audit Trails: Maintain detailed audit trails for security investigations.
Reporting: Generate reports on user access trends and compliance status.

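An added example, not part of the original presentation: one way to check logged authentication events against the factor-diversity requirement, using the three categories from the slides. The JSON-lines schema (ts, user, factors, result), the factor spellings and the sample records are assumptions constructed for illustration.

```python
import json

# Factor-to-category map from the deck's table; the string spellings are assumptions.
FACTOR_CATEGORY = {
    "password": "knowledge", "pin": "knowledge",
    "smartphone": "possession", "token": "possession", "smart_card": "possession",
    "fingerprint": "inherence", "facial_recognition": "inherence",
}
REQUIRED_FIELDS = ("ts", "user", "factors", "result")  # hypothetical log schema

# Constructed sample audit log (JSON lines), not real data.
SAMPLE_LOG = """\
{"ts": "2024-06-25T09:00:12Z", "user": "adm-alice", "factors": ["password", "token"], "result": "success"}
{"ts": "2024-06-25T09:03:40Z", "user": "adm-bob", "factors": ["password", "pin"], "result": "success"}
{"ts": "2024-06-25T09:05:01Z", "user": "adm-carol", "factors": ["password"], "result": "success"}
{"ts": "2024-06-25T09:07:19Z", "user": "adm-dave", "factors": ["fingerprint", "smart_card"], "result": "success"}
{"ts": "2024-06-25T09:09:55Z", "user": "adm-erin", "result": "success"}
{"ts": "2024-06-25T09:11:02Z", "user": "adm-frank", "factors": ["password", "token"], "result": "failure"}
"""

def audit_mfa_events(log_text):
    """Return (line_number, user, reason) for each record that fails a check."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            event = None
        if not isinstance(event, dict):
            findings.append((lineno, None, "unparseable record"))
            continue
        user = event.get("user")
        missing = [f for f in REQUIRED_FIELDS if f not in event]
        if missing:  # incomplete records cannot support an audit trail
            findings.append((lineno, user, "missing fields: " + ", ".join(missing)))
            continue
        factors = event["factors"]
        if not isinstance(factors, list) or any(f not in FACTOR_CATEGORY for f in map(str, factors)):
            findings.append((lineno, user, "unrecognised factors"))
            continue
        categories = {FACTOR_CATEGORY[str(f)] for f in factors}
        # Diversity check: a successful login must span at least two categories.
        if event["result"] == "success" and len(categories) < 2:
            reason = "single category: " + ", ".join(sorted(categories) or ["none"])
            findings.append((lineno, user, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_mfa_events(SAMPLE_LOG):
        print(finding)
```

The password-plus-PIN login is flagged even though two factors were presented, because both fall in the knowledge category.
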
About Bert Blevins
Bert Blevins is a dedicated professional with numerous certifications and degrees. He holds a Bachelor's in Advertising and an MBA.
Phone: 832-281-0330
Email: [email protected]
LinkedIn Profile