Insights: Article

Essential Cybersecurity - Best Practices for Financial Institutions (Part 2 of 2)

March 01, 2018

This is part two of a two-part series on cybersecurity.

Banks and other businesses that hold people’s most sensitive personal information are and will always be prime targets for cyber thieves. A proactive approach is the best way to ensure your customers’ data remains secure. Of course, that’s easier said than done. A proactive approach is truly a team effort that involves virtually everyone in your organization.
While it may seem like just an IT issue, the actions of your every- day staff are also critical keys to a robust cybersecurity program. Here are some best practices related to your staff and their computers that can help thwart any would-be attackers.

  1. Lock It Up
    You step away from your computer to grab another cup of coffee, did you lock your computer? While this best practice seems trivial, one would be surprised at how often it is not done in the office. Our computers house sensitive information and business processes, and when a workstation is left unlocked, there is a possibility an attacker could have unrestricted access to the system. To avoid possible information leaks or embarrassing photos being spread, simply remember to lock your computer before leaving your desks. Quick tip: Press the Windows Key + L to quickly lock your screen.

  2. Protect Your Machine
    Patching your operating systems and applications is another important security practice. Although patches are often released on a regular basis from Microsoft and Adobe, there are times when patches are sent out “off schedule” to defend against zero-day threats. Keep in mind that as time passes, new threats will be found, so system patching will be a constant security measure.

  3. Be Aware
    Social engineering is a non-technical approach hackers use to get sensitive information. Social engineering techniques include phishing emails, fake phone calls, and physical impersonation. Employees must be trained to be helpful but stern when it comes to giving out information, as well as how to identify a potential social engineering attack.

  4. Education
    Having all employees well-trained in the basics of network, system and information security is a huge step in today’s cyber world and one of the best investments that can be made. If you have a basic understanding of security or know how to identify a potential incident, you are less likely to fall victim to an attack. At the office, each employee should be kept up-to-date on information security policies and their role in protecting sensitive information. They should know the expectations when it comes to the limitation of personal use on company-provided equipment and should sign a statement acknowledging they understand the policies and penalties that result if guidelines are not followed.

  5. Backup
    Disasters that could cause data loss don’t usually give much of a warning, so consider this your friendly warning. Businesses are often not prepared for fires, floods, power failures, employee errors or even malicious programs. In each of these instances it is entirely possible for businesses to lose some, if not all, data and information stored on the computer systems. The best way to ensure all data and information is safe is to automatically back up all critical data on a daily basis. Data backups should be stored in a secure, off-site location.

Please contact your Eide Bailly Professional. Read all Insights from the Winter 2018 Possibilities here.

Latest Insights

September 19, 2018
Article
The IRS has started sending out Letter 5699 asking businesses to verify if they should have filed Forms 1094/1095-C. These forms are required for all ALEs.
September 18, 2018
Article
As the largest tax reform legislation in the past 30 years becomes reality, it is important to stay up-to-date on planning opportunities and how reform may impact you and your business. Our Tax Reform: Practical Insights examples aim to break down…
September 18, 2018
Tool
Get ahead of tax season with the Eide Bailly Tax Planning Guide. A supplemental strategy guide to help guide year-end and make the tax laws work for you.
September 18, 2018
Article
The SCOTUS Wayfair decision has prompted a new focus on state and local tax compliance. The decision to register, report, and comply is important.
September 17, 2018
Article
When an IRS Letter 226J is received, it is important to respond timely and with accurate information to eliminate, abate or reduce IRS calculated penalties
September 17, 2018
Firm News
Tom Goekeler, partner at Eide Bailly LLP, has been named chief practice officer of the South Central region, which currently covers our Oklahoma and Texas offices.
September 17, 2018
Article
The recent US Supreme Court decision that overturned Quill in the South Dakota v Wayfair case has many states making or considering law changes related to sales tax compliance for out-of-state sellers.
September 12, 2018
Article
The Tax Cuts and Jobs Act, signed December 22, 2017, significantly impacted inbound tax planning. Non-U.S. taxpayers doing business in the U.S. will need to consider the new tax laws.
September 12, 2018
Article
Applications have made a huge impact on our lives, allowing us to keep track of the complexities of our day-to-day and save for our futures. But it’s important to understand where we are laying our trust.