DELATUSH SYSTEMS, INC.Presents

MB SECURE

DELATUSH SYSTEMS, INC.Presents

MB SECURE

NETWORK MONITORING

AND

MANAGEMENT

Confidential and Proprietary © 2007 McIsaac & Associates, Ltd.

Risk Driven Change Risk Driven Change

2002 20082004 2006

2002 GLB – Customer Privacy; Security Control Implementation

2003 Patriot Act – AML (BSA) Implementation

2004 SOX – Sarbanes-Oxley Act of 2002 Implementation

2003-2004 Twelve FFIEC Information Systems Examination Handbooks

May 2005 BASEL II Initial rules and revisions

Mid 2006 Basel II Final rules proposal

Q1 2008 Basel II Implementation

1. Information Security

2. Business Continuity Planning

3. Supervision of TSP*

4. Electronic Banking

5. Fedline

6. Information Technology Audit

1. Retail Payment Systems

2. Development and Acquisition

3. Outsourcing Technology Services

4. Management

5. Wholesale Payment Systems

6. Operations

Compliance by…

Confidential and Proprietary © 2007 McIsaac & Associates, Ltd.

Regulation MandateWhat makes an Effective Program

Regulation MandateWhat makes an Effective Program

Corporate and customer information must be available, accurate, complete, valid, and secure.

Information security is the process used (the Program). Strong and effective controls is throughout the operations essential

to safety and soundness Strong board and management support Ongoing and evolving process Integrates its processes, people, and technology Incident response component Regular testing and security training Framework identifying risks, develops and implements security

strategy, tests key controls, and monitors the risk environment Scope to address all technology activities (systems, providers) Several measures, taken together, serve to identify, monitor,

control, and mitigate potential risks (authentication, passwords, user identification (ID), user access, system log-on and log-off, virus protection, and encryption.)

OTS Regulation Bulletin RB37-15 Section 341 April 26, 2006

Confidential and Proprietary © 2007 McIsaac & Associates, Ltd.

COSO* – CoBit*Internal Control Framework

COSO* – CoBit*Internal Control Framework

Control conscience of an organization The “tone at the top”

Evaluation of internal and external factors that impact an organization’s performance

Policies and procedures to ensure that actions identified to manage risk are executed

Process to ensure that relevant information is identified and communicated in a timely manner

Process to determine whether internal control is adequately designed, executed, effective, and adaptive

*Committee of Sponsoring Organizations

Confidential and Proprietary © 2007 McIsaac & Associates, Ltd.

ReportingMonitoring

FFIEC IT Control FrameworkFFIEC IT Control Framework

Planning

Privacy & Confidentiality

Information Security & Technology Administration

Risk Training Testing Incident

Electronic Banking

Third Party Services & Outsourcing

DR&BC Inte

gra

ted O

RM

Change

Confidential and Proprietary © 2007 McIsaac & Associates, Ltd.

Monitoring & EvaluationKey Control

Monitoring & EvaluationKey Control

MB SECUREMB SECURE

24x7 Managed Services

•More Security

•More Control

•More Time

24x7 Managed Services

•More Security

•More Control

•More Time

The Senior Management Perspective

The Senior Management Perspective

Business Issues Stability Security Secure Data Departments

demanding more

Cost Pressures Rising IT costs Need for better

capabilities Flat budgets IT has become

mission-critical

Source: Microsoft

Reduce Costs

Simplify Management

Keep the Bank

Running

The IT Director ViewSource: Microsoft

Source: Microsoft

Management – The Manual RealityManagement – The Manual Reality

Over 60% of TCO over a 5 year period are driven by people costs

People are spending their

time on manual tasks

53%53% 24%24% 23%23%

54%54% 17%17% 29%29%

56%56% 17%17% 28%28%

58%58% 18%18% 24%24%

60%60% 16%16% 24%24%

62%62% 14%14% 25%25%

Percent of ReponsesPercent of Reponses

Degree of AutomationManualManual ScriptsScripts Automated ToolsAutomated Tools

Source: Microsoft

MB SECUREMB SECURE

Enterprise-class service management available at a fraction of the cost

Proactive Remote Management Solution Simple Configuration Monitoring Templates Remote & Patch Management Asset Inventory Integrated Ticket System Agent less Web-based

24x7 Monitoring & Reporting24x7 Monitoring & Reporting

Security, Health, Performance Monitoring Desktops, Servers Firewalls, Switches, Routers, Printers Applications Antivirus & Backups

Alert Notification Email, Pager, Ticket Creation

Daily, Weekly, Monthly Reporting Automatic scheduling Multi-level (executive and device)

Patch & Remote ManagementPatch & Remote Management

Asset Inventory Patch & Update Management

Microsoft Baseline Security Analyzer Microsoft Windows Software Update Service Antivirus Backups

Remote Management

Decrease Administration CostsAutomate manual tasks for routine

maintenanceSimplify troubleshooting Eliminate drive time through remote

managementAutomatic patch & update

management

Reduce Time & Costs

User ManagementUser Management

Multiple User Accounts Global, Technician, End-user Views Web site

Web-based Ticketing System Monitoring & Alerting Templates

WMI, SNMP, SYSLOG Web-site and custom log monitoring

Addressing the Challenges TogetherAddressing the Challenges Together

Reduce Costs & Save Time Operational Efficiency Lowest TCO

Simplify Management Automate Manual Tasks Eliminate troubleshooting Remote and patch management

Keep The Bank Running Secure and Reliable Infrastructure Service Level Predictability

The IT Director View

Reduce Costs

Simplify Management

Keep the Bank

Running

Addressing the ChallengesAddressing the Challenges

Source: Microsoft

Thank you for your time and attentionThank you for your time and attention

VISIT US AT BOOTH 412

Contact us at:DELATUSH SYSTEMS, INC.

500 OLD DOVER ROADMORRIS PLAINS, NJ 07950

973-993-8300

www.delatush.com