10-D Security

Home/10-D Security

About 10-D Security

This author has not yet filled in any details.
So far 10-D Security has created 8 blog entries.

Is Your Financial Institution Prepared for the July 2020 Reg CC Changes? – WST


May 21, 2020 Is Your Financial Institution Prepared for the July 2020 Reg CC Changes? - WST In 2010, the Dodd-Frank Act implemented changes to the Expedited Funds Availability Act, better known as Reg CC, including a) periodic adjustments to hold amounts to account for inflation, and b) customer notification requirements.  The 2019 final rule adjusted these two requirements in Reg CC effective July 1, 2020.  Is your financial institution prepared for these changes? Reg CC Inflation Adjustment Requirements Effective July 1, 2020, financial Institutions will now have to increase the amounts made available to consumers the next [...]

Is Your Financial Institution Prepared for the July 2020 Reg CC Changes? – WST2020-05-21T21:23:09+00:00

More Shake Out from COVID-19: Federal Reserve Eases Reg D Restrictions – WST


May 7, 2020 More Shake Out from COVID-19:  Federal Reserve Eases Reg D Restrictions - WST What Is Changing in Reg D? In an effort to provide consumers easier access to their funds during the COVID-19 pandemic, the Federal Reserve recently issued an interim final rule, effective immediately, revising the definition of a “savings deposit” account and deleting the six-per-month limit on convenient transfers. This action by the Federal Reserve reduces all reserve requirement ratios to zero and eliminates the need to distinguish between reservable “transaction accounts” and non-reservable “savings deposits”.  Also noteworthy is that the Federal Reserve [...]

More Shake Out from COVID-19: Federal Reserve Eases Reg D Restrictions – WST2020-05-12T21:04:05+00:00

Complaint Management Programs – More Important Now Than Ever – WST


April 2, 2020 Complaint Management Programs – More Important Now Than Ever - WST Chances are that a Consumer Complaint Management Program review has become a key part of your most recent consumer compliance examination.  If you still haven’t developed your program or if you have a program in place but it needs refining, there is no time like the present to start developing or enhancing your internal process for gathering, tracking, responding to and analyzing customer complaints - especially since all financial institutions are adopting new ways to interact with and provide services to their customers during [...]

Complaint Management Programs – More Important Now Than Ever – WST2020-04-09T14:42:47+00:00

COVID-19 Is your Pandemic Plan ready? – WST


February 27, 2020 COVID-19 Is your Pandemic Plan ready? - WST You already have a rock-solid pandemic plan, right? Of course you do. But given the current coronavirus (COVID-19) news, it might be worth locating the plan, dusting it off, and reviewing it to ensure it is as comprehensive as you remember it to be. While there are many other good sources of information on the illness (such as CDC’s info for businesses: https://www.cdc.gov/coronavirus/2019-ncov/specific-groups/guidance-business-response.html), there are considerations that are financial institution specific. You might want to consider the following when reviewing your pandemic plan: Be sure to [...]

COVID-19 Is your Pandemic Plan ready? – WST2020-02-28T14:22:36+00:00

We Accept the Risk – WST


February 13, 2020 We Accept the Risk? - WST Risk.  The hot potato of any organization.  There are so many options of what to do with a risk potato once it’s identified;  You can throw out the oven (avoidance), you can wrap it in foil to contain the heat (mitigate), you can have someone else handle it (transference), and you may even choose to own it (acceptance). While it may seem like a quick and easy option, your Board, auditors, and examiners may expect a more formal approach to risk acceptance beyond simply stating, “we accept the [...]

We Accept the Risk – WST2020-02-20T23:07:48+00:00

Infosec Blocking and Tackling – Vulnerability Management – WST


February 20, 2020 Infosec Blocking and Tackling - Vulnerability Management - WST Vulnerability management!  Now there is a sexy subject.  Managing the various vulnerabilities in your environment (which is generally a lot of patching and updating) is a tedious, thankless, and never-ending task.  The problem is, however, that it is absolutely essential to the security of any network environment. Vulnerability management is a larger task than just patching.  It is the process of identifying vulnerabilities in your environment, prioritizing, and tracking each issue to remediation (or acceptance or mitigation). The first step in vulnerability management is knowing what [...]

Infosec Blocking and Tackling – Vulnerability Management – WST2020-02-20T22:57:58+00:00

50 Shades of Administration – Managing Domain Admin Privileges


50 Shades of Administration During our work, both our auditors and engineers have noticed a common issue our clients large and small have – overly permissive administration accounts.  Many times, we see all IT users given a Domain Admin account, from the greenest helpdesk tech, to the person overseeing the network.  Microsoft’s Active Directory has a couple of different ways to grant rights to a user, group, or organizational unit, allowing the target the ability to perform certain tasks without giving them the keys to the kingdom.  Here are just a couple simple examples. In the Springfield.local domain, Lisa Simpson [...]

50 Shades of Administration – Managing Domain Admin Privileges2019-10-22T20:50:32+00:00

Memory Acquisition Tools


Memory Acquisition Tools Combating today’s advanced malware requires skill and an advanced toolset. The most common incident response procedure that we see in smaller organizations is to identify infected machines and simply run malware scanners (Malwarebytes, Spybot, etc...) until the scan comes back clean. This “scan until clean” mindset often results in repeated infections and gives the organization a false sense of security. Malware scanners suffer from the same weaknesses that standard antivirus programs suffer from, and that is that they are signature based and can only discover malware that has already been found and reported. And yes, if you [...]

Memory Acquisition Tools2019-10-22T20:51:11+00:00