Cygna Labs

Strengthen your organization’s cybersecurity posture with software solutions from Cygna Labs

Meet GLBA Compliance Requirements

The Gramm-Leach-Bliley Act (GLBA) states that all financial institutions doing business in the United States must implement appropriate information security controls to ensure the security and confidentiality of customer information, protect against unauthorized access to information, and prevent future threats.

Protecting Personal Financial Data of US Citizens

GLBA Enables Large Financial Services Organization Mergers

The Gramm–Leach–Bliley Act (GLBA) is a modernization of certain aspects of the US financial system. It removed barriers that prevented a financial services organization from acting as a combination of an investment bank, a commercial bank, and an insurance company.

Mandatory Personal Data Requirements

Because the resulting corporate mergers would increase the risk to personal data, GLBA includes three requirements for personal data protection. These three requirements, the Financial Privacy Rule, the Safeguards Rule, and the Pretexting Protection, are mandatory for all US financial institutions.

Examples of Addressed GLBA Compliance Requirements

Cygna Auditor addresses topics in the FFIEC IT Examination Handbook, which includes both Tier I and Tier II Objectives and Procedures. Note that the list below is not exhaustive, but only a sample of requirements that Cygna Auditor can address.

Tier I

Objectives 2 (4), 2 (6), 6 (3)

Tier II

Procedures / A (Authentication and Access Controls)

Authentication (2) (4) (7)

Tier II

Procedures / C (Host Security)

(7) (9)

Tier II

Procedures / G (Application Security)

(1) (3) (7)

Tier II

Procedures / M (Security Monitoring)

(1) (2) (5) (6) (7) (8) (9) (14) (18) (22)

Tier II

Procedures / A (Authentication and Access Controls)

Access Rights Administration (1) (2) (4) (5) (6) (7)

Tier II

Procedures / B (Network Security)

(8) (12) (19)

Tier II

Procedures / D (User Equipment Security)

(3) (6)

Tier II

Procedures / L (Data Security)

(2) (3)

Monitor Activity on Secured Systems

Cygna Auditor monitors all successful and failed data activity, such as file or folder creation, access, updates, and deletions, and records who made the changes and when they were made.

Real-Time Notification of Sensitive Changes

Cygna Auditor's built-in and custom alerting notifies you of critical changes, such as membership changes to privileged groups.

Privileged Account Management

Cygna Auditor lets you monitor all changes made by privileged accounts to ensure that they adhere to regulatory and organizational policies for the protection and privacy of data and that they do not abuse their unrestricted access.
