Compliance: Gain a Competitive Edge

Businesses are tasked daily to increase revenue and maintain profit margins. With today’s economy a competitive edge no matter how minuscule can be the difference between a win and a loss. We see this in retail, in the job market, in manufacturing and now in security and compliance.

I know. It’s hard to even think of the money spent on compliance

Risk Management through Common Sense

Disclosure: I'll start out with the intent of touching on being proactive rather than reactionary in regards to risk management....but we'll see where we end up!

This blog idea came to me while I was driving through middle-of-nowhere West Texas. I have always noticed the growing prevalence of people feeling they are owed things and the

Social Media and Banking – Its 1998 all over again!

This guest post is written by Paul Reymann, CEO and founder of the Reymann Group. He is one of the nation's leading regulatory experts and co-author of Section 501 of the Gramm-Leach-Bliley Act Security rule. He is also the author of numerous articles and papers on technology risk, transactional web sites, customer information, network security

Ditch the workout, join the party!

I’ve been trying to get back into a workout routine (a regular one that is) so I pushed myself to go to the gym. One particular aerobics class, Zumba, caught my attention. It seemed fun. I decided to wait an hour till that class started. If they could make exercise fun, I was in! Let me tell you I had a soaking wet BLAST! The class is only offered

Potential Lawsuits? Have you Practiced Due Diligence and Due Care?

To begin, I am not a lawyer by any means, but I have worked in the industry for almost two decades; the last ten years being heavily involved in the world of information security. I have seen and learned how many legal issues can come from security incidents, leading to a company ending up in court. I am writing this blog to let you know what can

In my Sock Drawer...

“Safety is not in the Absence of Danger.”

What a profound statement. In light of the saddening events at Fort Hood this is hits very close to home. A soldier deployed to Iraq had to call her husband at Fort Hood, to ensure he was safe. How ironic. It’s even more ironic that I once convinced a friend that it was archaic not to have a bank account

Make Compliance Fun - Recycling

Happy Friday everyone!

Another great video from the Volkswagen folks that take a mundane task like recycling bottles and turn the process into a game. It's good (read:fun) for the individual participating, good for the onlookers, and best for the environment. We think you can be just as creative for audit, risk, and compliance initiatives. Thanks

Preparing for the worst through employee training

Given the recent headlines from Jason Rodriguez, personnel or ex-personnel committing murders by gunning down fellow employees, how can your emergency plan be prepared? The Army can’t protect itself from a high ranking officer, who decides to go on a shooting spree. How does a company plan for an ex-employee, who was fired two years ago, to come

Security Buzz Words | Money Mules

An interesting article in Wired drew my attention to this post on the Internet Crime Complaint Center (IC3) website. Here's the Cliff Notes version: Bad people put malware consisting of remote control software and key loggers on a targeted business user's computer. They gather ID's and passwords and other authentication data. The bad people then

Compliance lessons from Kobe Bryant?

Despite my disdain for Kobe Bryant (it has nothing to do with him and everything to do with his team; sorry I am not a Laker fan) I learned something about compliance from him this past week. Kobe is a great basket ball player, an MVP with four championship rings, yet he is always looking to improve his game. Instead of becoming complacent, with

Facebook/Myspace: Being Social via Security Holes

The short of this article is that allowing flash applications in facebook/myspace is similar to the security issues we see with running "ajax" in browsers.

The long of the article is that an application is allowed to execute code within the flash environment. Normally, this behavior is limited to the local flash environment so the threat is

Sponsored Post: What is OFM?

OFM — Online Financial Management — applications are the next step beyond PFM (personal financial management) programs. For community and mid-market banks and credit unions trying to compete with top-5 national institutions, offering an OFM application on their online banking site can be a huge differentiator. According to Digital Insight’s 2nd

Collaboration Is Key To Increased Efficiency In Manufacturing

This article from InformationWeek is about Manufactoring. But, the principles apply to any organization attempting to increase their effectiveness with customers, vendors, partners, and other internal business units According to this article by Mary Hayes Weier, Manufactoring is ahead of the game.

But , any organization that recognizes the reduce

Live Science: How to Avoid the FDIC Email Scam

By Leslie Meredith

"Stop, think, delete & play hard to get" - This makes it sound so very easy yet many are sucked in by phishing scams - daily. No matter how tech savvy we are none of us are immune! The "hard to get" email address advice in the article is quite interesting. The thing is, I have had my email address since college (a longgggg time

Hello, this is Chuck. Can I have your PIN and Debit Card Number?

Ran across this article today on and reminded me that we have seen this simple scam recently too. At banks where we have seen this it looks like the phishers are just finding phone numbers in the phone book or local directories, picking a financial institution and calling all the people in the phone book, even if they aren't

RiskKey - Better Notifications and Private Messages

Since our new release at the beginning of October we've been working hard on getting the features you requested done. Two of the most asked for features we are happy to announce are now live.

1) Private Messages

In our messages section you always had a way to post a message to anyone that had access to the project but now we have a 'private'