ThreatLocker and GLBA Compliance

Last update: 04.24.2023

Introduction

ThreatLocker's tools can assist your organization in meeting the Safeguards Rule that the United States Federal Trade Commission (FTC) issued under the Gramm-Leach-Bliley Act (GLBA). When configured correctly, ThreatLocker can be used to satisfy specific requirements of the Rule directly and can provide the records and controls needed to support compliance with others.

Summary

The standards outlined in the first publication of the GLBA Safeguards Rule are broad and non-prescriptive security requirements that financial institutions must meet to comply with the law. The standards were written in this manner to give financial institutions enough flexibility to tailor the safeguards to the needs of their business while still achieving the Rule's objectives. Because the Rule does not mandate particular products or configurations, a tool such as ThreatLocker satisfies a requirement only to the extent that it is deployed and configured to do so and that its effectiveness is documented.

For more information about GLBA, such as updates/revisions, scope/applicability, and more, please see the official regulatory text, which can be found at https://www.federalregister.gov/documents/2002/05/23/02-12952/standards-for-safeguarding-customer-information

ThreatLocker can be used to meet, or to support meeting, the following Safeguards Rule requirements:

314.4(b)

Establish an information risk management capability designed to identify, assess, rate, treat, communicate, and track reasonably foreseeable internal and external risks that could impact the security, confidentiality, or integrity of nonpublic personal information (NPPI) about consumers, minimally covering the following areas:

Employee training and management

  • ThreatLocker supports the employee-management side of this requirement by restricting which files each user can access, which actions they may perform, and which applications they may run. It does not replace a security awareness training program; that part of the requirement still needs to be addressed separately.

Information systems, software, networks, and information processing, storage, transmission, and disposal

  • ThreatLocker protects information systems, software, networks, and information processing, storage, transmission, and disposal by enforcing a default-deny (zero-trust) posture: only approved applications can execute, and only permitted users or applications can perform the access or actions that policy explicitly allows.

Security incident detection, prevention, and response and other system failures

  • ThreatLocker helps prevent security incidents by limiting what both users and applications are permitted to do, and supports detection and response by maintaining detailed records of all activity occurring within a protected system or network. ThreatLocker Ops uses the telemetry collected across all ThreatLocker modules to identify potential indicators of compromise or weakness in the environment (e.g., a vulnerable version of MS Exchange). Once the conditions to watch for are defined, users can configure the action to take when a condition is met, such as sending an automated notification or blocking access.

314.4(c)

Design and implement technical, physical, and administrative controls to manage identified risks and regularly test or monitor their effectiveness.

  • ThreatLocker can serve as a technical control to manage identified risks. Additionally, ThreatLocker products can support the establishment, implementation, and ongoing monitoring of supplementary physical and administrative controls by providing detailed records of information access and user activity, which can be used as evidence when testing whether those controls are effective.

314.4(e)

Evaluate and adjust the information security program as a result of testing or when material changes to the business, cyber-threat landscape, or other circumstances impact the effectiveness of existing technical, administrative, or physical safeguards.

  • ThreatLocker provides organizations with valuable insight into the access and actions that are attempted or performed on protected devices and data. These detailed records can be reviewed after testing, or when the business or the threat landscape changes, and ThreatLocker policies can be adjusted as needed to keep the safeguards effective.