Fasoo For Instant Compliance
New York Governor Cuomo announced the first-in-the-nation cybersecurity regulation to protect New York’s financial services industry and consumers from the ever-growing threat of cyber-attacks that took effect on March 1, 2017.
The new rules require banks, insurers, and other financial services first to meet minimum cybersecurity requirements to “protect consumers and ensure that its systems are sufficiently constructed to prevent cyberattacks to the fullest extent possible.”
Fasoo’s solutions comprehensively meet the four data-centric requirements of the NYDFS Part 500 Cybersecurity Regulations.
500.15 Encryption of Non-public Information
Implement controls, including encryption, to protect Non-public Information held or transmitted both in transit over external networks and at rest.
500.07 Access Privileges
Limit user access privileges to information systems that provide access to nonpublic information.
500.06 Audit Trail
Include audit trails designed to detect and respond to Cybersecurity Events that have a reasonable likelihood of materially harming normal operations.
500.13 Limitations on Data Retention
Secure disposal on a periodic basis of any Nonpublic Information that is no longer necessary for business operations or for other legitimate business purposes.