Network Encryption from CipherOptics
 
 
 Company Overview
 Executive Team
 Board of Directors
 Executive Advisory Board
 Newsroom
 In the News
 Tradeshows & Events
 Industry News
 Trophy Room
 Press Releases
 Careers
 Solutions Overview
 Network Encryption
 MPLS Network Security
 Metro Ethernet Security
 International Data Protection
 Network Security & Data Protection
 Disaster Recovery
 Ethernet Encryption
 Point-to-Point Encryption
 Real-time & High-volume Applications
 Secure Information Sharing
 Products Overview
 CipherEngine™
 Security Gateways
 Service Offerings
 Resource Center
 Compliance Overview
 HIPAA Compliance
 Sarbanes-Oxley Compliance
 GLBA Compliance
 CA SB 1386 Compliance
 PCI DSS Compliance
 Basel II Compliance
 FERPA Compliance
 FFIEC Compliance
 ISO 17799 Compliance
 NERC Cyber Security
 Government Overview
 Government Regulations
 FISMA Compliance
 DoD 8100.2 Compliance
 NISPOM Compliance
 DCID 6/3 Compliance
 Government Security News
 10Gig Network Encryption
 Partner Overview
 Strategic Partners
 Resellers
 Technology Partners
 Become a Partner
 Partner Portal Login
 Contact Information
 Web Contact Form
 Support
 
   

Compliance

Quick Links
Secure Information
Sharing
White Papers
CipherEngine
Resource Center
Compliance Video
Regulatory Compliance Overview Video
Watch the video
Contact Us


Basel II Compliance

The Basel II Accord proposes methodologies for banks to calculate more Basel II Compliance accurately the capital provisions they should make against credit, commercial, and operational risk. Issued in June 2004, it replaces the outdated Basel I, adopted in 1988 and currently used in more than 100 countries. It is expected that Basel II will be implemented in those countries by 2008.

How does CipherOptics help?
CipherOptics CipherEngine enables Secure Information Sharing, which assures the confidentiality, authenticity, and integrity of data in motion on any network. Our approach to protecting both your network and your data is to deny access to everyone, permit by exception. With that as our driving force, our solutions provide you with both encryption and authentication of all your critical information.

Using powerful 256-bit AES encryption that is approved by the government for "sensitive" information, CipherOptics appliances authenticate networks and packets and protect data. Using the robust secure hash algorithm (SHA-1), the security gateways verify the integrity of the data, rejecting any packets that have been manipulated or altered. So whether an undetectable sniffer captures customer information on a network link or an ISP accidentally misroutes a data stream, the confidentiality of sensitive information is assured.

CipherOptics CipherEngine also protects financial and customer information in storage by thwarting intrusion at the network level, not at the storage level. Its deterministic firewall feature can reject any packets that lack proper encryption-based authentication. Thus, only data originating from the other end of the data protection tunnel can pass through to the storage network. This effectively turns the storage network dark to all unauthenticated traffic from the outside.

Network-wide data protection is an important part of best practices-for keeping customer data confidential and for reducing Basel II operational risk. CipherOptics Secure Information Sharing solutions offer a reliable and proven method of ensuring data confidentiality, integrity, and authentication.

What does CipherOptics do?
CipherOptics is the leader in network-wide encryption. Offering an innovative policy and key management solution, coupled with high speed, low latency encryption technology, CipherOptics helps their customers mitigate the risk of data leakage, loss and theft over any network.

Who is affected by Basel II?
The Basel II Accord affects all banks and financial institutions whose regulating authority adopts the standards and methods recommended by the accord.

What are the requirements of Basel II?
Basel II standardizes the measurement and quantification of risks within a financial services organization. Banks must provide disclosures that allow the market to assess its risk position and price accordingly. In addition to the management of credit risk and commercial risk, Basel II mandates an assessment of the institution's operational risk.
Basel II defines operational risk as "the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events" (644). Institutions using the Standardized Approach to calculating operational risk capital must have an adequate operational risk management system in place (633). Information security is an "operational risk management system" that significantly contributes to the level of operational risk.

The Basel Committee on Banking Supervision's "Sound Practices for the Management and Supervision of Operational Risk" notes some of the operational risk event types that the Committee has identified as having the potential to result in substantial losses. These include damage from computer hacking, employee theft, fiduciary breaches, and misuse of confidential customer information.

In order to limit their operational risk-and thus limit their overall risk and maintain favorable pricing in the market-financial institutions operating under Basel II will need to implement robust data security measures, including the protection of customers' private information.

What are the penalties for Basel II non-compliance?
Basel II requires accurate measurement of risk rather than a certain level of risk. But a higher level of risk does impose economic penalties on the financial institution. It will be required to reserve a greater amount of capital, and it will be subjected to less-favorable pricing in the capital markets. Thus, Basel II means financial institutions will bear the economic consequences of high operational risk (e.g., the neglect of data security) and reap the economic rewards of lowering operational risk (e.g., the deployment of data security measures).

How do institutions comply with Basel II?
Basel II requires risk appraisal and control-in short, a "risk management environment." In order to reduce operational risk, financial institutions must implement robust information security measures, including the protection of critical information traveling on the network. Information security measures must ensure the confidentiality and integrity of the institution's data. In order to minimize operational risk, they must protect customer data from accidental or malicious disclosure.

Helpful Resources
Text of the Basel II Accord
Basel Committee on Banking Supervision: "Sound Practices for the Management and Supervision of Operational Risk"