Replies to post #170849 on Zerify Inc (ZRFY)

[ZPaul]

White House Tells Agencies to Tighten Up Cyber Defenses 'Immediately

Read the 4th Bullet Pt @ http://www.nextgov.com/cybersecurity/2015/06/white-house-tells-agencies-tighten-online-security-immediately/115216/

According to White House officials, the emergency procedures include:

"Immediately" deploying so-called indicators, or tell-tale signs of cybercrime operations, into agency anti-malware tools. Specifically, the indicators contain "priority threat-actor techniques, tactics and procedures" that should be used to scan systems and check logs.

Patching critical-level software holes "without delay." Each week, agencies receive a list of these security vulnerabilities in the form of DHS Vulnerability Scan Reports.

Tightening technological controls and policies for "privileged users," or staff with high-level access to systems. Agencies should cut the number of privileged users; limit the types of computer functions they can perform; restrict the duration of each user's online sessions, presumably to prevent the extraction of large amounts of data; "and ensure that privileged user activities are logged and that such logs are reviewed regularly."

Dramatically accelerating widespread use of of "multifactor authentication" or two-step ID checks. Passwords alone are insufficient access controls, officials said. Requiring personnel to log in with a smartcard or alternative form of ID can significantly reduce the chances adversaries will pierce federal networks, they added, stopping short of mandating multi-step ID checks.

[carusso]

You're Gold, Gold49er!

[WBCTrader]

HOLD MY BEER!

STRAIGHT FROM SFOR FINANCIALS

Updated guidance for the Federal Financial Institutions Examination Council (“FFIEC”) regulations include the requirement for solutions that have Two-Factor Out-of-Band Authentication and products that stop keylogging malware, real time, which our management believes our proprietary products uniquely and directly address. This new updated guidance went into effect as of January 1, 2012. Based on this new requirement in the latest FFIEC update that was published in June 2011 with enforcement commencing in January 2012

REFERENCE PAGE 21

See the part where even SFOR MANAGEMENT acknowledges the 2012 MFA OOB guidance as a "REQUIREMENT", WHERE IT WENT INTO AFFECT IN 2012.
Granted, these are 2016 financials, so it is just like SFOR to be years behind on something, but he does state it has been an requirement since 2012!!!

/DROPS MIC

THE FFIEC sets the standards for I.T. Security in the Financial Sector.
Welcome to the Federal Financial Institutions Examination Council's (FFIEC) Web Site.

The Council is a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB)

The 2001 STANDARDS set by the FFIEC.

2012 FFIEC standards



Now, just as I was saying, there are many forms of MFA and many forms of OOB/MFA.
It has been around and an industry standard in the financial sector for a LONG TIME, as even noted by MARK KAY HIMSELF IN THEIR FINANCIALS.