Insights: Article

Essential Cybersecurity - Best Practices for Financial Institutions (Part 2 of 2)

March 01, 2018

This is part two of a two-part series on cybersecurity.

Banks and other businesses that hold people’s most sensitive personal information are and will always be prime targets for cyber thieves. A proactive approach is the best way to ensure your customers’ data remains secure. Of course, that’s easier said than done. A proactive approach is truly a team effort that involves virtually everyone in your organization.
While it may seem like just an IT issue, the actions of your every- day staff are also critical keys to a robust cybersecurity program. Here are some best practices related to your staff and their computers that can help thwart any would-be attackers.

  1. Lock It Up
    You step away from your computer to grab another cup of coffee, did you lock your computer? While this best practice seems trivial, one would be surprised at how often it is not done in the office. Our computers house sensitive information and business processes, and when a workstation is left unlocked, there is a possibility an attacker could have unrestricted access to the system. To avoid possible information leaks or embarrassing photos being spread, simply remember to lock your computer before leaving your desks. Quick tip: Press the Windows Key + L to quickly lock your screen.

  2. Protect Your Machine
    Patching your operating systems and applications is another important security practice. Although patches are often released on a regular basis from Microsoft and Adobe, there are times when patches are sent out “off schedule” to defend against zero-day threats. Keep in mind that as time passes, new threats will be found, so system patching will be a constant security measure.

  3. Be Aware
    Social engineering is a non-technical approach hackers use to get sensitive information. Social engineering techniques include phishing emails, fake phone calls, and physical impersonation. Employees must be trained to be helpful but stern when it comes to giving out information, as well as how to identify a potential social engineering attack.

  4. Education
    Having all employees well-trained in the basics of network, system and information security is a huge step in today’s cyber world and one of the best investments that can be made. If you have a basic understanding of security or know how to identify a potential incident, you are less likely to fall victim to an attack. At the office, each employee should be kept up-to-date on information security policies and their role in protecting sensitive information. They should know the expectations when it comes to the limitation of personal use on company-provided equipment and should sign a statement acknowledging they understand the policies and penalties that result if guidelines are not followed.

  5. Backup
    Disasters that could cause data loss don’t usually give much of a warning, so consider this your friendly warning. Businesses are often not prepared for fires, floods, power failures, employee errors or even malicious programs. In each of these instances it is entirely possible for businesses to lose some, if not all, data and information stored on the computer systems. The best way to ensure all data and information is safe is to automatically back up all critical data on a daily basis. Data backups should be stored in a secure, off-site location.

Please contact your Eide Bailly Professional. Read all Insights from the Winter 2018 Possibilities here.

Latest Insights

January 15, 2019
Article
The back and forth on tariffs is wreaking havoc for many businesses. Here’s what you can do to help ease the pain.
January 15, 2019
Article
If you are a farmer who sold to a cooperative in 2018, you will need to provide additional information if you’re looking to take advantage of deductions this tax season.
January 14, 2019
Article
A proposed Accounting Standards Update may make some simplifying accounting alternatives available to nonprofits.
January 11, 2019
Article
Equity and commodity markets experience major losses, the Fed sends a hawkish message, home sales improve, and the economy maintains its momentum.
January 11, 2019
Article
Many financial institutions are starting the process for implementing the Current Expected Credit Loss model (CECL). Here are some helpful tips to consider as you begin your implementation.
January 11, 2019
Article
Is a social media account, such as LinkedIn, a personal account? Does your financial institution’s Acceptable Use policy address the use of social media for work-related business?