Information Security and Compliance Services

CoNetrix specializes in providing security services for the financial industry (banks, savings associations, credit unions, and trust companies). Our extensive experience in working with financial institutions through examinations and audits makes us uniquely qualified to provide these services. CoNetrix security specialists understand the technology and applications utilized in the financial industry as well as the regulatory requirements imposed on individual institutions. CoNetrix strives to provide superior service and customer satisfaction. To see how CoNetrix security customers rate us, click here. Below are a few of the security and compliance products and services we can provide.

GLBA Compliance and ISO Consulting

Boost Consulting Services are designed to assist financial institutions (bank, savings association, credit union, or trust company) with their information security and compliance needs by providing professional consultants who are qualified information security experts in the financial industry.

Boost Consulting Services include:

  • Boost ISO—Information Security Officer support designed to complement the capabilities your financial institution currently maintains. Various services available include: incident response, employee security awareness training, annual report to the Board, security committee consulting, full information security program development and support.
  • Boost RA—development and maintenance of an Information Security Risk Assessment
  • Boost BCP—development and maintenance of a Business Continuity Plan
  • Boost POL—development and maintenance of the institution's Information Security Policies
  • Boost VM—assistance with the institution's vendor management program
  • Boost CAT—consulting and services association with the Cybersecurity Awareness Tool
  • Boost AM—audit and exam management services

External Penetration Testing

A CoNetrix Penetration Test allows you to identify potential weaknesses within your network perimeter, whether structural, technological, or procedural.

Areas Analyzed

A CoNetrix Penetration Test includes an in-depth analysis using multiple tools and focuses on the following areas:

  • Internet connections (scanned quarterly)
  • Phone lines
  • Scanning for thousands of vulnerabilities
  • Perimeter strength using non-intrusive hacker utilities
  • Employee security awareness (Social Engineering)

In addition, we can customize a solution to fit your needs. Some common variations include:

  • Internet Vulnerability Test
  • Social Engineering
  • Telecom Test

IT/GLBA Audit & Assessment Services for Financial Institutions

A CoNetrix IT/GLBA Audit and Network Assessment of your company's information systems will help you comply with regulatory guidance, the Gramm-Leach-Bliley Act (GLBA), and industry best practices.

Areas Analyzed

A CoNetrix IT/GLBA Audit and Assessment includes an analysis of existing Information Technology infrastructure, compliance with the Gramm-Leach-Bliley Act, policies and procedures, and security controls. Our Audit and Assessments include the following fourteen areas:

  • Audit processes and procedures
  • Management and operations
  • Vendor management
  • Information Security Program
  • Development and acquisition
  • Support and delivery
  • Information technology infrastructure (including virtualization if applicable)
  • Data and physical security
  • Wire/ACH Technical Controls
  • E-Banking
  • Disaster Recovery Planning/Business Continuity Planning
  • Identity Theft Prevention Program
  • Remote Deposit Capture
  • Unlawful Internet Gambling Enforcement Act (UIGEA)
  • Wireless

In addition, we can customize the audit engagement to fit your needs. In some cases, we are asked to narrow the scope of the engagement to one of the following types of audits:

  • Cybersecurity Assessment/IT Security Review
  • GLBA Audit
  • IT General Controls Audit
  • Network Vulnerability Assessment
  • Virtualization Audit
  • Wireless Assessment