Insights: Article

Essential Cybersecurity - Best Practices for Financial Institutions (Part 2 of 2)

March 01, 2018

This is part two of a two-part series on cybersecurity.

Banks and other businesses that hold people’s most sensitive personal information are and will always be prime targets for cyber thieves. A proactive approach is the best way to ensure your customers’ data remains secure. Of course, that’s easier said than done. A proactive approach is truly a team effort that involves virtually everyone in your organization.
While it may seem like just an IT issue, the actions of your every- day staff are also critical keys to a robust cybersecurity program. Here are some best practices related to your staff and their computers that can help thwart any would-be attackers.

  1. Lock It Up
    You step away from your computer to grab another cup of coffee, did you lock your computer? While this best practice seems trivial, one would be surprised at how often it is not done in the office. Our computers house sensitive information and business processes, and when a workstation is left unlocked, there is a possibility an attacker could have unrestricted access to the system. To avoid possible information leaks or embarrassing photos being spread, simply remember to lock your computer before leaving your desks. Quick tip: Press the Windows Key + L to quickly lock your screen.

  2. Protect Your Machine
    Patching your operating systems and applications is another important security practice. Although patches are often released on a regular basis from Microsoft and Adobe, there are times when patches are sent out “off schedule” to defend against zero-day threats. Keep in mind that as time passes, new threats will be found, so system patching will be a constant security measure.

  3. Be Aware
    Social engineering is a non-technical approach hackers use to get sensitive information. Social engineering techniques include phishing emails, fake phone calls, and physical impersonation. Employees must be trained to be helpful but stern when it comes to giving out information, as well as how to identify a potential social engineering attack.

  4. Education
    Having all employees well-trained in the basics of network, system and information security is a huge step in today’s cyber world and one of the best investments that can be made. If you have a basic understanding of security or know how to identify a potential incident, you are less likely to fall victim to an attack. At the office, each employee should be kept up-to-date on information security policies and their role in protecting sensitive information. They should know the expectations when it comes to the limitation of personal use on company-provided equipment and should sign a statement acknowledging they understand the policies and penalties that result if guidelines are not followed.

  5. Backup
    Disasters that could cause data loss don’t usually give much of a warning, so consider this your friendly warning. Businesses are often not prepared for fires, floods, power failures, employee errors or even malicious programs. In each of these instances it is entirely possible for businesses to lose some, if not all, data and information stored on the computer systems. The best way to ensure all data and information is safe is to automatically back up all critical data on a daily basis. Data backups should be stored in a secure, off-site location.

Please contact your Eide Bailly Professional. Read all Insights from the Winter 2018 Possibilities here.

Latest Insights

July 19, 2018
Article
While it’s great to watch your team grow, hiring new employees can be a frustrating and grueling process.
July 19, 2018
Article
Often, human resources (HR) is over looked, but we’re here to tell you it’s an essential component of any organization and critically important to get right.
July 13, 2018
Article
Here are some idea for giving your new hire a smooth start into your business and alleviating stress for you.
July 13, 2018
Article
The impact of the recent SCOTUS Wayfair decision will continue to have a ripple effect on businesses and state sales tax compliance.
July 9, 2018
Article
The revenue cycle is a complex system and we have historically given much attention to the front-end and back-end while oftentimes leaving the middle functions of the cycle neglected.
July 3, 2018
Article
FASB Accounting Standards Codification Topic 606, Revenue from Contracts with Customers, provides a 5-step framework for determining revenue recognition.
July 2, 2018
Article
As part of the Tax Reform Act of 1986, the “Kiddie tax,” a taxing regime designed to make the transfer of income items by wealthy parents to lower tax paying children less attractive, was implemented.
July 2, 2018
Article
When it comes to your employees, you likely conducted interviews on them when you first hired them.
July 2, 2018
Article
Nearly ten years after the release of the initial exposure draft, FASB issued ASU 2016-02, Leases - The standard may have been issued, but the conversation about this re-write of legacy guidance has not slowed.