Gramm-Leach-Bliley act (GLBA)

Time: 12 hours 57 minutes
Difficulty: Intermediate
CEU/CPE: 13

Video Transcription
>> The Gramm-Leach-Bliley Act, GLBA. In this lesson, we're going to talk about the origins of Gramm-Leach-Bliley, the kind of information that's regulated by Gramm-Leach-Bliley, and the implications of Gramm-Leach-Bliley in the Cloud.

The Gramm-Leach-Bliley Act was passed in 1999. It's also called the Financial Services Modernization Act. Basically banks were able to purchase insurance companies. There had been a separation between banks and insurance and other types of financial institutions in the past and that was going away. There were concerns raised about how these new combined institutions would appropriately protect customers' data and financial information. Gramm-Leach-Bliley emerged to answer that question with the deregulation of this barrier between banks and insurance companies. It is administered and enforced through the Federal Deposit Insurance Corporation, FDIC, and it allows, as I said, banks and insurance companies to merge. What they argued was that it enabled them to provide better services to customers.

When it comes to the Cloud, many of the provisions in Gramm-Leach-Bliley focus on improving customer data protection and privacy through a number of different requirements. First and foremost is ensuring that customer's data is protected and that the confidentiality of that data is maintained. They're really as forward looking in terms of making sure that people's privacy, especially regarding their financial information, was protected. It also had many information security-related requirements, such as having someone called the Information Security Officer as a designated point of contact within the organization, and then also having plans with regards to information security and incident response. In many ways that was very progressive for the time in 1999, in some of the earlier days. This designation of an individual in the role of information security officer, it looks very similar to the data protection officer that we'll see in the GDPR legislation that came out of the European Union to protect EU citizens' data.

All right, quiz question. All the following are covered by Gramm-Leach-Bliley except? Banks, mortgage brokers, or credit card processors. If you said credit card processors you are correct. Banks and other financial institutions such as mortgage brokers, payday lenders, anywhere you really are having financial information. Basically financial information is registered with this entity or used when making decisions from this entity, they are regulated under Gramm-Leach-Bliley. Credit card processing, as we'll see later, isn't actually regulated by a law, but by a standard called PCI, the payment card industry standard.

In summary, we talked about the origins and importance of Gramm-Leach-Bliley to regulate banks, with the removal of this barrier between banks and insurance companies, and the implications of Gramm-Leach-Bliley in Cloud environments, namely that you had to be aware if you are storing or processing individuals' financial information or financial data, and ensure that it's both protected and realize that this means that you are required to meet the requirements in the Gramm-Leach-Bliley Act. Let's move along and I'll see you in the next lesson.