The Board of Directors and management of BBIF Florida, “BBIF”, realize that the rapidly changing nature of technology demands that a comprehensive security policy be developed and implemented to secure the confidentiality, security, integrity and accessibility of the BBIF’s customer information systems. Like all financial institutions, BBIF Florida, (“BBIF”) is exposed to a variety of operational and transactional risks, including crime, fraud, and natural disaster. Additionally, because of the nature and amount of information gathered regarding the financial transactions of its customers and the extensive use of technology to process this information, BBIF may be exposed to specific information and technology risks.
Further, the Board of Directors and management of BBIF recognize that in order to determine the appropriate type and scope of controls to deploy as part of the information security program, BBIF must assess risks to its customer information and systems, identifying reasonably foreseeable internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer information or customer information systems and evaluate the adequacy of policies, procedures, information security systems, and other practices intended to control the risks identified.
To ensure that information security risks are understood, and appropriate security systems are maintained, the Board of Directors of BBIF has adopted a written Information Security Policy.
The passage of the Gramm-Leach-Bliley Financial Modernization Act (“GLBA”) intensified regulatory attention on technology risk management and information security. BBIF has a comprehensive security program that includes administrative, technical and physical safeguards appropriate for the scope and nature of our organization and activities. To comply with federal guidelines, BBIF’s written security program is designed to: