4 members / 185 guests (24 hours)
$0.00 (0.00%)
High: $0.00
Low: $0.00
Volume: 0


Our fund raising round was not successful.  As a result, IDB will be going off line and into cold storage.  If our competitors should stumble, I may re-active the site in the future but for now, we're turning out the lights.

I had planned to go off-line on April 4th.  Due to some important and unplanned changes in our maintenance schedule, I am now bumping that up to next Tuesday morning, March 27th, 2018.  PM 'admin' if you need to reach me. 

You should use the next 5 days to find a new home for your community.

Running IDB has been fun over the years and I hope you enjoyed your time here as well.  Sincerely,  Paul

P.S. News on IDB Funding -- this is now on it's own page to clean up the site a bit.

How banks are coping with New York’s cybersecurity rules




Multifactor authentication

The department's superintendent, Maria Vullo, spoke proudly of the new rules on the first compliance date. “This day marks a significant milestone in protecting the financial services industry and the consumers they serve from the threat of cyber-attacks,” she said in a press release. A spokesman for the agency offered no further comment.

The rules require institutions regulated by the department to use multifactor authentication to protect access to internal networks, “unless the covered entity’s CISO has approved in writing the use of reasonably equivalent or more secure access controls.”

This might sound simple — just require a one-time passcode or biometric in addition to user name and password when employees and customers can log in. But it can be tricky in practice.

The large core banking system providers don’t all offer multifactor authentication, Tomita pointed out.

Beyond the core, applying multifactor authentication to other systems at a bank can be problematic, because “you have a mixed bag of environments out there where people have systems that don’t integrate well into multifactor,” Tomita said.

Organizations I’ve talked to have no idea what they’re going to do,” he said. “Some people are going to have to complete forklift upgrades in order to make their networks compliant with multifactor authentication. That is a tremendous burden that I don’t think anybody looked at when they put this together.”

Al Pascual, senior vice president and research director at Javelin Strategy & Research, noted that hackers at this year’s Black Hat conference identified multifactor authentication as the most difficult control to circumvent.