We are considering the creation of a Web page and the offering of electronic banking services to our customers. Do you have any guidelines or a checklist of the items we should be taking into consideration? I am concerned that we are overlooking some basic items as we move into this new type of products.
The federal banking regulators have agreed to on final Interagency Guidelines Establishing Standards for Safeguarding Customer Information ("Guidelines"). You previously wrote two articles for us on the proposed guidelines. (See <a href="gurus_technology1211.html">Part 1</a> and <a href="gurus_technology1218.html">Part 2</a>.) Were there any surprises for you in the final version of Interagency Guidelines Establishing Standards for Safeguarding Customer Information? And could you give us a quick heads-up on what the final guidelines provide?
What are the key elements of an information security program under the Guidelines?