Pub. 2 2012-2013 Issue 4

O V E R A C E N T U R Y : B U I L D I N G B E T T E R B A N K S - H E L P I N G C O L O R A D A N S R E A L I Z E D R E A M S January • February 2013 17 By capitalizing and punctuating, their passphrases can end up being extremely strong, long passwords, but are also easy to remember. Patch Management: Patches are hard to manage in a simple, home environment...in a complex bank network with many users and many programs, it is no wonder they fall through the cracks so often. As increasingly more complex viruses expose the weaknesses of antivirus software, patch management is more crucial now in defending your network from attacks than in years past. Most environments have a handle on Microsoft patches, but third-party software like Adobe and Java patches are still difficult to manage. Adobe and Java updates are typically released to address security vulnerabilities, so patching third-party software should be part of your regular network maintenance or automated with the use of patch management software solutions. Mobile Devices: To revisit the convenience/security axiom, mobile devices are extremely convenient, so it would follow that they are not inherently secure. You have taken great care to physically and logically protect the workstations and serv- ers in your bank, but mobile devices take your data outside of your alarm system and firewall protection. Because of that, laptop security controls should include whole disk encryption, personal firewalls, physical security controls (e.g. cable locks), and user security training. A good security posture is a layered security posture. Ensuring your network is adequately protected in the areas mentioned above will add several layers of protection and will help thwart many threats to your confidential bank and customer information. Q Stephanie Chaumont is a Security and Compliance Consultant for CoNetrix. CoN- etrix is a provider of information security consulting, IT/GLBA audits and security testing, and tandem – a security and compliance software suite designed to help fi nancial institutions create and maintain their Information Security Program. Visit our website at www.conetrix.com . Ensuring your network is adequately protected in the areas mentioned above will add several layers of protection and will help thwart many threats to your confidential bank and customer information. Experience the power. Go to zachisunderstood.com. Power comes from being understood SM . A partner who really knows your game is a key part of any strategic approach. And when you trust the advice you’re getting, you know your next move is the right move. That’s what you can expect from McGladrey. That’s the power of being understood. Call Steve Riddle at 303.298.6400. Is 6 enough? Yeah. You’re a little pumped. Team McGladrey Golfer Zach Johnson and his caddie, Damon Green. Assurance z Tax z Consulting McGladrey is the brand under which RSM McGladrey, Inc. and McGladrey & Pullen, LLP serve clients’ business needs. The two firms operate as separate legal entities in an alternative practice structure.