ATTENTION ONLINE CREDIT UNIONS

Cybersecurity has become an increasingly important subject for financial institutions to invest in and a key component of any successful information security program along with active participation from credit union executives and board members.  Julie Gessner, VP of CMS Sales, recently interviewed key staff at CU*Answers to get their input on hot topics relating to cybersecurity.

Improving Security Through Encryption

What is encryption and what is a VPN?

Encryption provides an effective way to improve data security by scrambling the original message in a way that only allows authorized persons to access and read it.  Encryption should be enabled when sending sensitive information via email or accessing it on a website. – Matt Sawtell

A virtual private network (VPN) uses encryption to keep communications private when using an untrusted network like the internet. – Dave Wordhouse

How do I know when there is an intruder?

Intrusion detection is a method of detecting unauthorized access to corporate computing resources and alerting management of unauthorized activities.  Note that intrusion detection is a passive response – if you want your security system to stop the intrusion when it is detected, you will want an intrusion prevention service included. – Matt Sawtell

How do I keep the bad guys out?

Make firewalls a priority – these help separate networks that are trusted from those that are untrusted.  Firewalls will help keep malicious internet traffic outside the credit union while still allowing some traffic through so that business-important websites can be accessed. – Dave Wordhouse

Be on alert for networks you don’t trust. – Matt Sawtell

Maintain a constant state of vigilance by having controls in place to detect and/or prevent security attacks. – Patrick Sickels

Be sure that your credit union has layered security design.  Effective security must be applied using multiple control stacks together – for instance, using a firewall with endpoint protection and data encryption. – Dave Wordhouse

Stay tuned for more tips on cybersecurity awareness throughout the month of October!