[ISN] FDIC: Improve Vendor Management

http://www.bankinfosecurity.com/fdic-improve-vendor-management-a-6053 By Tracy Kitten Bank Info Security September 9, 2013 Federal regulators are urging banking institutions to pay more attention to vendor management in light of recent breaches, such as one that compromised core processor Fidelity National Information Services, better known as FIS. During a recent Community Bankers Advisory Committee meeting in Washington, D.C., examiners from the Federal Deposit Insurance Corp. stressed the obligations banks and credit unions have to ensure that the vendors they use maintain adequate levels of security. Regulators regularly examine certain vendors to ensure that sensitive information is sufficiently protected through the use of encryption and other technologies. The vendors include those that have contracts with banks for core banking services or that provide services covered under the Bank Service Act. The institutions that use those companies’ products and services should request reports on those examinations and follow up to ensure security mandates are being met, regulators say. Due diligence is the responsibility of the institution, not the examiner. […]