2023 IT Examiner School
Internal Use Only
Bring Your Own Device (BYOD)
• BYOD is becoming more popular because it reduces costs to the institution & enables employees to carry one device instead of two
• Institution may not have the ability to configure the devices or perform remote wiping if lost or stolen
• Firms should have an effective method or solution to ensure that personal devices meet defined security standards (e.g., operating system version, patch levels, anti-malware solutions) before such devices are allowed to log on to the network
Customer Remote Access to Financial Services
• Firms should implement appropriate authentication techniques commensurate with the risk from remote banking activities
• Remote access controls should also include some combination of:
  • Application timeouts with mandatory re-authentication
  • Fraud detection & monitoring systems
  • Dual customer authorization through different access devices
  • Positive pay, debit blocks & other techniques to limit transactions
  • Transactional value limits, restrictions on adding payment recipients
  • Account maintenance controls
• Customer education can also be used to mitigate risk