BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Addressing the MAS Technology Risk Management Guidelines with Privilege and Vulnerability Management

Posted March 12, 2014    Morey Haber

The Monetary Authority of Singapore (MAS) is Singapore’s central bank and financial regulatory authority. The MAS frequently releases guidelines that address emerging technologies and evolving threat landscape.

In June 2013, the MAS created an updated set of guidelines for Internet Banking and Technology Risk Management (IBTRM). This addendum mandates certain requirements for Technology Risk Management (TRM) and contains a set of guidelines (TRM Guidelines) and errata notices (TRM Notices).

The TRM Guidelines are statements of industry best practices to which Financial Institutions are expected to adhere. The guidance is not legally binding but is used by MAS in risk assessment audits of financial institutions.

BeyondTrust solutions for privileged account management and vulnerability management address several TRM Guidelines, including those outlined in the following sections of the latest MAS TRM Guidelines document:

  • Section 4: Technology Risk Framework
  • Section 6: Acquisition and Development of Information Systems
  • Section 9: Operational Infrastructure Security Management
  • Section 11: Access Control

Learn more about how BeyondTrust solutions map to the MAS TRM Guidelines in this white paper: Monetary Authority of Singapore: BeyondTrust Solution Overview.

Tags:
, , , , ,

Leave a Reply

Additional articles

powerbroker-for-mac-diagram-small

PowerBroker for Mac: A Least-Privileged Apple a Day…

Posted July 27, 2015    Jason Silva

BeyondTrust PowerBroker for Mac reduces the risk of privilege misuse by enabling standard users on Mac OS X to perform administrative tasks successfully without entering elevated credentials.

Tags:
, ,
PrivilegedAccountManagement

On Demand Webinar – Now is the time for Privileged Account Management

Posted July 24, 2015    BeyondTrust Software

In this webinar, SANS Instructor and Founder of Voodoo Security, Dave Shackleford, will revisit several hacking and breach scenarios that involved privileged accounts, and use these as examples while discussing tools and tactics to get this problem under control once and for all.

Tags:
, ,
dave-shackleford-headshot

Privileged Account Management: The Time is Now

Posted July 22, 2015    Dave Shackleford

There’s plenty of problems we don’t have great options for in InfoSec today. Malware is a pain point that keeps evolving rapidly. 0-day exploits are tough to prepare for. Privileged account management? We got this. We know the root causes, we know how it manifests, we know how to get it under control effectively, and there are great technology solutions that are enterprise-class.

Tags:
, ,