IronKey Trusted Access For Banking Meets New FFIEC Guidelines

IronKey Trusted Access also meets NACHA and FBI recommendations for safe online banking

July 2, 2011

3 Min Read


SUNNYVALE, Calif. – June 29, 2011 – IronKey's Trusted Access for Banking secure browsing solution meets the new online banking security guidelines from the Federal Financial Institutions Examination Council (FFIEC), the company announced today. The FFIEC member agencies have directed examiners to formally assess financial institutions under the authentication supplement beginning in January 2012.

“The FFIEC Internet banking guidance calls for multiple layers of security controls to prevent fraud and importantly, the guidance identifies the IronKey Trusted Access design as one of the five relevant and effective controls cited for preventing fraud,” said David Jevans, chairman of IronKey and the Anti-Phishing Working Group (APWG).

One of the layered security controls recognized by the guidance to help prevent fraud is the use of USB devices “that increase session security when plugged into the customer’s PC.” They are effective because they “enable a secure link between the customer’s PC and the financial institution independent of the PC’s operating system and application software.” The only commercially available product that fits this description completely is IronKey Trusted Access for Banking.

The IronKey Trusted Access for Banking approach delivers the capabilities bank examiners will now look for, requires no changes to bank systems, and stops hackers where they are attacking--- at the online banking customer’s PC -- even if it is infected with the worst possible crimeware such as ZeuS, SpyEye, Sunspot, and OddJob.

IronKey Trusted Access also meets NACHA and FBI recommendations for safe online banking by providing a dedicated, isolated, and secure browser environment. The secure browser approach is also recognized by Gartner as one of the five critical security controls for preventing online banking fraud.1

IronKey Trusted Access for Banking is an intelligent security software and Internet security service that is also easy to use. Trusted Access provides a secure Web browser protected in a fully virtualized, read-only environment tailored to protect online banking sessions from known and unknown crimeware. Even if a computer is infected with malware, the online banking session remains safe, secure, and private. Unlike other approaches, Trusted Access protects an online banking client even if his or her computer is infected with the latest zero-day attack that would go undetected by antivirus or other signature-based software countermeasures, as highlighted in the FFIEC’s review of today’s threatscape.

The FFIEC has six voting members: the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, the National Credit Union Administration, the Office of Thrift Supervision, and the State Liaison Committee.

More information about IronKey's Trusted Access for Banking is available online.

About IronKey

Ranked as the 14th best venture-funded company in The Wall Street Journal's "Next Big Thing 2011" survey, IronKey secures data and online access for individuals, enterprises, and governments. IronKey solutions protect remote workers from the threats of data loss, compromise of passwords, and computers infected by malicious software and crimeware. IronKey multi-function devices connect to a computer's USB port and are easy to manage with the IronKey management service. This allows users to securely carry sensitive corporate data, strongly authenticate to VPNs and corporate networks and isolate online banking customers from Advanced Persistent Threat attacks. IronKey customers include Fortune 500 companies, healthcare providers, financial institutions and government agencies around the world. Trusted Access for Banking has also won numerous awards such as ‘FutureNow 2010 Top 5’ from Bank Technology News. Visit for more information.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights