Gramm-Leach-Bliley Act (GLBA)
Comply with Controlled Substance Ordering System (CSOS) requirements
Also known as the Financial Services Modernization Act, the Gramm Leach Bliley Act (GLBA) applies to U.S financial institutions and governs the secure handling of non-public personal information including financial records and other personal information.
Entrust nShield® hardware security modules (HSMs) support Gramm-Leach-Bliley Act (GLBA) compliance through:
- Encryption key protection
- Strong user authentication
Section 501(b) of the Gramm-Leach-Bliley Act requires financial institutions to protect the security, confidentiality and integrity of non-public customer information through “administrative, technical and physical safeguards”. The Gramm-Leach-Bliley Act also requires each financial institution to implement a comprehensive written information security program that includes administrative, technical and physical safeguards appropriate to the size, complexity and scope of activities of the institution. These include:
- Ensuring the security and confidentiality of customer records and information
- Protecting against any anticipated threats or hazards to the security or integrity of such records
- Protecting against unauthorized access to or use of such records or information, which could result in substantial harm or inconvenience to any customer
For organizations affected by the standard, these Gramm-Leach-Bliley privacy regulations, combined with referenced requirements under the Federal Deposit Insurance Act – section 36, result in the need to:
- Safeguard and monitor customer records and information
- Create and maintain effective risk assessments
- Identify, implement and audit specific internal security controls that protect this data
Encryption Key Protection
Entrust nShield Hardware Security Modules (HSMs) are FIPS-certified, tamper-resistant devices that help protect financial institutions’ most sensitive data by securely generating, managing and storing encryption and signing keys.
Strong User Authentication
Entrust nShield HSMs can help you create high-assurance systems to authenticate users and devices using internal systems, limiting accessing to only authorized entities.
Brochures : Entrust nShield HSM Family Brochure
Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, Entrust nShield HSMs support a variety of deployment scenarios.