According to this short news item , ninety-five percent of US banks are either in compliance or very close to compliance with the online security measures mandated by the Federal Financial Institutions Examination Council (FFIEC), according to recent research. I cannot express how much I question the results of this research.
Back in June of this year, Sestus Data released a white paper that detailed how non-compliant banks were with FFIEC multi-factor authentication guidelines. In this paper the researchers concluded that only 4% of sampled banks employed consistently multi-factor authentication methods, while 64% used single-factor only. So, are we to believe that most of these banks have gotten their act together in the last five months? I seriously doubt that. Unfortunately, there is no link to the original research mentioned in this news item, but I strongly suspect that the researchers adopted the banks' definition of "multi-factor authentication" as opposed to the FFIEC's. Anyone who is familiar with this issue understands that the banks have been waging a fierce battle with the FFIEC over what exactly constitutes multi-factor authentication, with the banks adopting a much more lax definition. I'll keep a lookout for this latest research paper to see if I'm right.
No related articles.
