© 2019 RSM US LLP. All rights reserved.
Sheltered Harbor advisory services
Prepare for cyber events that could cause systems—even backups—to fail
Financial institutions are at a high risk for attacks, including nation states and state-sponsored terrorist organizations. Attacks are increasing in frequency and intensity, with methods that disrupt key processes and destroy backups, making traditional disaster recovery and business continuity plans (BCPs) ineffective.
The industry-established Sheltered Harbor data protection and portability standard was developed in response to these threats that focused on destruction, as opposed to data exfiltration or financial gain. RSM has partnered with Sheltered Harbor to provide comprehensive advisory services to help financial institutions build resiliency against prolific, systematic attacks.
What is Sheltered Harbor?
Sheltered Harbor’s purpose is to protect customers, financial institutions and public confidence in the financial system if a catastrophic event, like a cyberattack, causes critical systems—including backups—to fail. Sheltered Harbor furnishes the road map, guides and provides resources for institutions to effectively plan for such a scenario, giving institutions the ability to proactively and rapidly restore customer account data in case of an extended operational outage.
Taking a proactive stance against complex risks
RSM’s experienced team provides several services to help your organization implement a Sheltered Harbor program, including:
- Readiness services: Helping you understand key aspects of implementation, including critical milestones and establishment of responsibilities within your institution
- Sheltered Harbor gap assessment: Ensuring you have the right elements in place and that your process is as efficient as possible if you have already begun implementing a Sheltered Harbor program
- Program initiation: Developing your Sheltered Harbor policies, defining roles and responsibilities, and helping you put critical governance processes in place
- Data vaulting advisory: Determining what data to extract, how to perform the extraction and what controls to establish around Sheltered Harbor’s defined data vaulting process
- Resiliency planning: Creating a sophisticated plan and order of operations to restore business and technical processes, and make key business decisions, when facing a Sheltered Harbor event
- Certification: Evaluating your safeguards and controls for compliance with the Sheltered Harbor specification and submitting your information for review and certification
Sheltered Harbor seamlessly integrates with the business continuity framework RSM has successfully utilized for years. We have the insight, advice and proven experience necessary to help you build a successful Sheltered Harbor program and to ultimately protect your customers, institution and public confidence in the financial system.