April 24, 2001
OCC Advises Banks to Ensure Information Systems Security is Maintained, Tyson Corner, Virginia
WASHINGTON, D.C. — The Office of the Comptroller of the Currency today issued an alert outlining steps that national banks should take to protect and maintain network security.
The alert was prompted by recent National Infrastructure Protection Center (NIPC) reports on an increasing number of attacks that target e-commerce activities. The NIPC reports point to known vulnerabilities in hardware and software products as a source of unauthorized access to network systems.
In today's alert, the OCC advises banks to review the NIPC advisories, previously issued OCC security guidance, and review their internal controls to safeguard bank information systems and unauthorized activities.
"As banks are increasingly becoming connected to the Internet and provide electronic-banking products and services, national banks should take the necessary steps to implement and maintain secure systems," said Clifford A. Wilke, Director for OCC's Bank Technology Division.
"Security maintenance includes identifying new systems vulnerabilities in a timely manner, installing software patches or upgrading products to mitigate new threats, and monitoring banking systems for unusual activities," Mr. Wilke added.
National banks should proactively review their network systems security to protect their systems from unauthorized access and maintain confidentiality of customer information, Mr. Wilke said.
- Alert 2001-4: Network Security Vulnerabilities