GLBA

Also known as the Financial Services Modernization Act, the Gramm Leach Bliley Act (GLBA) applies to U.S financial institutions and governs the secure handling of non-public personal information including financial records and other personal information.

Entrust nShield® hardware security modules (HSMs) support Gramm-Leach-Bliley Act (GLBA) compliance through:

Encryption key protection
Strong user authentication

Regulation

Requirements

Section 501(b) of the Gramm-Leach-Bliley Act requires financial institutions to protect the security, confidentiality and integrity of non-public customer information through “administrative, technical and physical safeguards”. The Gramm-Leach-Bliley Act also requires each financial institution to implement a comprehensive written information security program that includes administrative, technical and physical safeguards appropriate to the size, complexity and scope of activities of the institution. These include:

Ensuring the security and confidentiality of customer records and information
Protecting against any anticipated threats or hazards to the security or integrity of such records
Protecting against unauthorized access to or use of such records or information, which could result in substantial harm or inconvenience to any customer

Implications

For organizations affected by the standard, these Gramm-Leach-Bliley privacy regulations, combined with referenced requirements under the Federal Deposit Insurance Act – section 36, result in the need to:

Safeguard and monitor customer records and information
Create and maintain effective risk assessments
Identify, implement and audit specific internal security controls that protect this data

Compliance

Encryption Key Protection

nCipher Hardware Security Modules (HSMs) are FIPS-certified, tamper-resistant devices that help protect financial institutions’ most sensitive data by securely generating, managing and storing encryption and signing keys.

Strong User Authentication

nCipher HSMs can help you create high-assurance systems to authenticate users and devices using internal systems, limiting accessing to only authorized entities.

Resources

Brochures : Entrust nShield HSM Family Brochure

Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, Entrust nShield HSMs support a variety of deployment scenarios.

Entrust nShield HSM Family Brochure

Digital Certificates

Digital Certificates

Standard TLS/SSL

Advantage TLS/SSL

UC Multi-Domain TLS/SSL

EV Multi-Domain TLS/SSL

Wildcard TLS/SSL

Private TLS/SSL

Qualified Electronic Seal Certificates

QWAC eIDAS Certificates

QWAC PSD2 Certificates

Platinum Services

Entrust Certificate Services

Subscription Plan

Digital Signing

Digital Signing

TrustedX Signing Servers

TrustedX eIDAS

TrustedX Electronic Signatures

Document Signing Certificates

Secure Email Certificates

Device Certificates

Code Signing Certificates

Entrust Timestamping Authority

Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI)

Certificate Hub

Security Manager

Entelligence Security Provider

Epassport

Validation Authority

Entrust Managed PKI Service

Cryptography as a Service

Managed Microsoft PKI

Managed Offline Root Certificate Authority

Cryptographic Center of Excellence

Internet of Things (IoT) Security

Mobile Device Management BYOD

Products

Identity as a Service

Identity Enterprise

Identity Essentials

Solutions

PSD2

PIV

Physical / Logical Access

Safeguarding Your VPN

Privileged Users

Workstation Login

Security and Access for Contractors

Consumer Banking

Customer Portals

Digital Citizen

Digital Onboarding

CIAM Integration

Data Breach

Improve User Experience

Support Diverse User Groups

Streamline IT

Transaction Verification

Portfolio Capabilities

ID Proofing

Device Reputation

Secure Device Provisioning

Password Reset

Credential Issuance

Authenticators

Mobile Authentication

Passwordless Login

Adaptive Authentication

Single Sign-On

APIs / SDKs

Fraud Detection

Products

nShield Connect

nShield Edge

nShield Solo

nShield as a Service

nShield Issuance HSM

CodeSafe