FFIEC Compliance

FFIEC Compliance and Information Security Standards

Blumira’s security platform helps your organization easily meet and exceed FFIEC security and compliance requirements.

With Blumira’s free edition, secure your Microsoft 365 environment in seconds. For more coverage and support, you can easily upgrade to a paid version that fits your needs.

Sign Up Free

This provides guidelines on how Blumira helps address the needs of FFIEC.



II.C.17 Application Security Applications should provide the ability for management to do the following:

Implement a prudent set of security controls (e.g., password and audit policies), audit trails of security and access changes, and user activity logs for all applications.

II.C.22 Log Management Network and host activities typically are recorded on the host and sent across the network to a central logging repository. The data that arrive at the repository are in the format of the software that recorded the activity. The logging repository may process the data and can enable timely and effective log analysis. Management should have effective log retention policies that address the significance of maintaining logs for incident response and analysis needs.

Log files are critical to the successful investigation and prosecution of security incidents and can potentially contain sensitive information. Intruders often attempt to conceal unauthorized access by editing or deleting log files. Therefore, institutions should strictly control and monitor access to log files whether on the host or in a centralized logging repository. Considerations for securing the integrity of log files include the following:

  • Encrypting log files that contain sensitive data or that are transmitted over the network.
  • Ensuring adequate storage capacity to avoid gaps in data gathering. Securing backup and disposal of log files.
  • Logging the data to a separate, isolated computer.
  • Logging the data to read-only media.
  • Setting logging parameters to disallow any modification to previously written data.
  • Restricting access to log files to a limited number of authorized users.
  • Additionally, logging practices should be reviewed periodically by an independent party to ensure appropriate log management.

Logs are voluminous and challenging to read. They come from a variety of systems and can be difficult to manage and correlate. Security information and event management (SIEM) systems can provide a method for management to collect, aggregate, analyze, and correlate information from discrete systems and applications. Management can use SIEM systems to discern trends and identify potential information security incidents. SIEM systems can be used to gather information from the following:

  • Network and security devices and systems. Identity and access management applications.
  • Vulnerability management and policy compliance tools.
  • Operating system, database, and application logs.
  • Physical and environmental monitoring systems.
  • External threat data.

Regardless of the method of log management, management should develop processes to collect, aggregate, analyze, and correlate security information. Policies should define retention periods for security and operational logs. Institutions maintain event logs to understand an incident or cyber event after it occurs. Monitoring event logs for anomalies and relating that information with other sources of information broadens the institution’s ability to understand trends, react to threats, and improve reports to management and the board.

References https://ithandbook.ffiec.gov/it-booklets/information-security.aspx

Get Started With Blumira’s Free SIEM

Blumira is a SIEM with threat detection and response that alerts your team about critical cyber threats in real-time. By providing automated and actionable response capabilities, we help reduce the overhead associated with traditional SIEM products.

With Blumira’s free edition, secure your Microsoft 365 environment in seconds with coverage for unlimited data and users. With our free edition, you can:

    • Use guided security playbooks to easily respond to threats 
    • View summary dashboard and reports
    • Set up in seconds using our new feature, Cloud Connectors

For more coverage and support, you can easily upgrade to a paid version that fits your needs.

For questions or to learn more on how we can help with FFIEC compliance, contact us.

Sign Up Free