Skip to content

NY DFS

23 NYCRR 500

newyork

New York Department of Financial Services Cybersecurity Regulation 23 NYCRR 500

23 NYCRR 500 went into full effect March 1, 2019 for financial institutions regulated under the state Banking, Insurance or Financial Services Laws. It established new cybersecurity requirements around the privacy and protection of collected and stored personal information as well as business related information and certain personal health information.

23 NYCRR 500 imposes rules that include creating a detailed cybersecurity plan with supporting policies, designating a Chief Information Security Officer (CISO) or equivalent role, and the initiation and maintenance of ongoing penetration testing, data protection, encryption and reporting of cybersecurity events.

23 NYCRR 500 Compliance and DataKeep™

  • White Checkmark

    Encrypts personal data-at-rest

  • White Checkmark

    Manages access to personal data by role or process

  • White Checkmark

    Audits data access requests / denials for encrypted personal data

  • White Checkmark

    Provides data erasure through cryptographic shredding

  • White Checkmark

    Manages policy and encryption keys from creation, through rotation to deletion

lock

Keep Private Data Private

23 NYCRR 500 imposes rules that include creating a detailed cybersecurity plan with supporting policies, designating a Chief Information Security Officer (CISO) or equivalent role, and the initiation and maintenance of ongoing penetration testing, data protection, encryption and reporting of cybersecurity events.

DataKeep provides a broad range of features that include data access management, integrated key management, sophisticated encryption and event logging to deliver the scalability and flexibility to help protect the most sensitive workloads and easily integrates into your current security environment.

For more information on NYCRR and DataKeep, please download the following

Disclaimer: Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Copyright © 2019 Security First Corp.     Terms of Use     Privacy Policy     Support Desk    Contact Us

Pin It on Pinterest