DTCC issued notices re connectivity security requirements and standards, secure connections to government and mortgage backed securities, and other participants.
FICC, NSCC and DTCC Secure Connections
Members with non-compliant connections must take actions to avoid connectivity disruption, and must review, plan, and implement changes to ensure compliance.
Must also conduct configurations of TLS (Transport Layer Security) certificate and cipher specs, and the Network Data Mover (NDM) must have Secure+ installed.
Also use listed key exchange algorithms, ciphers, MACs, client side, accepted by DTCC.
Unencrypted FTP will not be supported and must be converted to SFTP connectivity method set up and connect with DTCC’s Client Connectivity Services to migrate.
Effectiveness
Compliance to DTCC security standards is mandatory by Dec. 31, 2024.
Sep. 2024 FIC, NSCC Secure Connections
On Sep. 30, 2024, DTCC issued notice re FICC GSD, MBSD, NSCC secure connections.
DTCC will begin disconnection of non-compliant connections starting with FTP, SFTP.
Unencrypted FTP will not be supported and must be converted to SFTP or alternative.
Migration to compliant protocol can take up to 3 months due to new configurations.
Client-side change only, which means that DTCC servers will be upgraded to accept only the secure encryption key exchange algorithms, ciphers, MACs listed in notice.
Members asked to review connections and contact connectivity team by Oct. 18, 2024.
