Internet Banking News

October 31, 1999

FYI - The GAO report to the Chairman of the Board of the Governors of the Federal Reserve System on "Areas of Improvement in Computer Controls" can be read at http://www.gao.gov/new.items/ai99280.pdf.

INTERNET SECURITY - Many break-ins or insider misuses of information occur due to poor security programs. Hackers often exploit well-known weaknesses and security defects in operating systems that have not been appropriately addressed by the institution. Inadequate maintenance and improper system design may also allow hackers to exploit a security system. New security risks arise from evolving attack methods or newly detected holes and bugs in existing software and hardware. Also, new risks may be introduced as systems are altered or upgraded, or through the improper setup of available security-related tools.

FYI - Your Network Administrator needs to stay abreast of new security threats and vulnerabilities. It is equally important that you keep up to date on the latest security patches and version upgrades that are available to fix security flaws and bugs. Information security and relevant vendor Web sites contain much of this information. While I monitor Novell and Microsoft's newsletters for any potential problems, you should also be reviewing your vendor's web site for new security threats and vulnerabilities that affect your computer operations.


INTERNET COMPLIANCE - Generally, Internet web sites are considered advertising by the regulatory agencies. In some cases, the regulations contain special rules for multiple-page advertisements. It is not yet clear what would constitute a single "page" in the context of the Internet or on-line text. Thus, you should carefully review your on-line advertisements in an effort to minimize compliance risk.

In addition, Internet sites in which a credit application can be made on-line may be considered "places of business" under HUD's rules prescribing lobby notices. Thus, institutions may want to consider including the "lobby notice," particularly in the case of interactive systems that accept on-line applications.

WEB PAGES - If you link your web pages to other sites, the following or similar disclaimer is recommended as a separate web page when the visitor leaves your site. " Links to other web sites found here are provided to assist in locating information. The mere fact that there is a link between this web site and another does not constitute a product or program endorsement by your bank or any of its affiliates or employees. The bank has no responsibility for content of the web sites found at these links, or beyond, and does not attest to the accuracy or propriety of any information located there. "

Back Button

Go to the Bank Web Site Audit home page.

Company Information
Yennik, Inc.

4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119
Examiner@yennik.com

 

Please visit our other web sites:
VISTA penetration-vulnerability testing
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
US Banks on the Internet  
US Credit Unions on the Internet

All rights reserved; Our logo is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated