First Bank & Trust

Qualys Helps Metropolitan Bank Document Compliance
and Manage Business Risk

Strengthening the Bank's data security program was the first priority in Daniel Hereford's new job as Data Security Officer at First Bank & Trust. The private community bank in New Orleans is growing rapidly, so ensuring the security of growing networks is critical for protection and privacy of customer data.

The bank was looking to strengthen and widen its protections and security precautions, says Hereford. “That's why we looked for a third-party solution to help find and fix vulnerabilities.” Hereford evaluated four products and chose Qualys.

Hereford says the Bank had previously used an open source tool, but found it was limited in capabilities and provided no vulnerability management process. “Qualys has given us an automated formal process that is sophisticated, detailed, accurate and recurring.” First Bank and Trust is in the early stages of its Qualys deployment but expects this level of service to continue.

“Now we have direct control over assessment and remediation -- and a truer picture of security for the Bank's management,” Hereford says. He uses reports from Qualys to identify and manage risk and what it takes to mitigate those risks. Reports are also used to help demonstrate compliance with the Gramm-Leach-Bliley Act for F.D.I.C. auditors. “The credibility of third-party security audit documentation is an important part of compliance,” he says.

Hereford says the on demand Qualys service requires no extra infrastructure or Bank overhead to run and provided a quick return on investment. “We have to watch our budget. Qualys was the most effective product that offered us the broadest benefits for the cost,” says Hereford.