Gramm-Leach-Bliley Act (GLBA)
Comply with the requirements of the Financial Services Modernization Act
Also known as the Financial Services Modernization Act, the Gramm Leach Bliley Act (GLBA) applies to U.S financial institutions and governs the secure handling of non-public personal information including financial records and other personal information.
Entrust nShield® hardware security modules (HSMs) support Gramm-Leach-Bliley Act (GLBA) compliance through:
- Encryption key protection
- Strong user authentication
- Click to select...
Regulation
Requirements
Section 501(b) of the Gramm-Leach-Bliley Act requires financial institutions to protect the security, confidentiality and integrity of non-public customer information through “administrative, technical and physical safeguards”. The Gramm-Leach-Bliley Act also requires each financial institution to implement a comprehensive written information security program that includes administrative, technical and physical safeguards appropriate to the size, complexity and scope of activities of the institution. These include:
- Ensuring the security and confidentiality of customer records and information
- Protecting against any anticipated threats or hazards to the security or integrity of such records
- Protecting against unauthorized access to or use of such records or information, which could result in substantial harm or inconvenience to any customer
Implications
For organizations affected by the standard, these Gramm-Leach-Bliley privacy regulations, combined with referenced requirements under the Federal Deposit Insurance Act – section 36, result in the need to:
- Safeguard and monitor customer records and information
- Create and maintain effective risk assessments
- Identify, implement and audit specific internal security controls that protect this data
Compliance
Encryption Key Protection
Entrust nShield Hardware Security Modules (HSMs) are FIPS-certified, tamper-resistant devices that help protect financial institutions’ most sensitive data by securely generating, managing and storing encryption and signing keys.
Strong User Authentication
Entrust nShield HSMs can help you create high-assurance systems to authenticate users and devices using internal systems, limiting accessing to only authorized entities.
Resources
Brochures : Entrust nShield HSM Family Brochure
Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, Entrust nShield HSMs support a variety of deployment scenarios.
Related Solutions
For electronic health information security and the timely disclosure of data breaches
Related Products
Hardened, tamper-resistant environments for secure cryptographic processing and key management.