Did you read the full notice? This link was at the bottom: http://www.ffiec.gov/pdf/authentication_guidance.pdf in which the FFIEC defines several ways to authenticate end users, but as Lyal Collins pointed out it is all based on your company own risk assessment.
>For those that fall under US FFIEC governance, what are you doing to satisfy these requirements? I'd like to >think I have more options than running to the store to pick up my RSA keyfobs... What about PKI? Are there >other. options for web based apps? > >http://www.fdic.gov/news/news/financial/2005/fil10305.html > >C. DeBerry _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
