IT security: Is your program still effective?
Abstract: In June 2011, the FFIEC issued Supplement to Authentication in an Internet Banking Environment, urging banks to tighten their controls on customer authentication. The FFIEC concluded that common authentication methods and controls have “become less effective” in an “increasingly hostile online environment.” This article shows how hackers have become more sophisticated, giving rise to the necessity of developing more complex defenses. These include “layered security” strategies, such as “out-of-band” authentication of high-risk transactions. The article lists additional tools and tactics recommended by the agency.