According to this short news item , ninety-five percent of US banks are either in compliance or very close to compliance with the online security measures mandated by the Federal Financial Institutions Examination Council (FFIEC), according to recent research.  I cannot express how much I question the results of this research.

Back in June of this year, Sestus Data released a white paper that detailed how non-compliant banks were with FFIEC multi-factor authentication guidelines.  In this paper the researchers concluded that only 4% of sampled banks employed consistently multi-factor authentication methods, while 64% used single-factor only.  So, are we to believe that most of these banks have gotten their act together in the last five months?  I seriously doubt that.  Unfortunately, there is no link to the original research mentioned in this news item, but I strongly suspect that the researchers adopted the banks' definition of "multi-factor authentication" as opposed to the FFIEC's.  Anyone who is familiar with this issue understands that the banks have been waging a fierce battle with the FFIEC over what exactly constitutes multi-factor authentication, with the banks adopting a much more lax definition.  I'll keep a lookout for this latest research paper to see if I'm right.

Related articles:

1. Multi-Factor Headaches Despite widespread use of token-based authenticators and the rise of alternative technologies, such as image-based authenticators, the burden and pain...
2. Mobile Phones as Keyfobs? A new option offered by Bank of America offers customers the ability to use their mobile phones to make online...
3. AICPA Comes out in Favor of IFRS Ok, I was going to leave IFRS alone for a week, but I couldn’t resist this bit of news.  WebCPA...
4. Virtualization Compliance Roundtable Please join Brightfly’s Managing Director of Research, Brandon Dunlap, as he moderates “The Curious Case of Compliance in a Virtualized...