Sending your bank transactions surfing across the web can be as hazardous as piloting a ship through pirate-infested waters. Here are seven best practices for online banking security.
Use a Dedicated PC
The American Bankers Association now recommends that businesses use a dedicated PC for online transactions. Cybercriminals are writing malware to create fraudulent Automated Clearing House (ACH) and wire transfers. In order to hijack your transactions, a criminal must first insert the malware onto one or more of your company's computers. Infecting a computer is much easier if that computer is regularly connected to the internet or used for email. In particular, the ABA recommends that "commercial banking customers carry out all online banking activities from a stand-alone, hardened and completely locked down computer system from which e-mail and Web browsing are not possible."
Lock Down Your Computer
So-called "locked down" computing creates a secure channel between your PC and your bank's server. IBM's ZTIC is one hardware solution that you can use to secure your online transactions.
Establish Dual Control
Work with your bank to establish "dual control" over your account. Once this safeguard is in place, two individuals from your organization will need to log on and authorize any transaction. With dual control in place, a hacker would need to breach two computer accounts in order to commit a fraudulent transaction.
Get Alerts
You can also request that your bank send email confirmations of online transactions. This will provide you with an early warning of any fraudulent activity.
Use Strong Passwords
Treat your password like a toothbrush; change it often, and don't ever share. Strong passwords are the first line of defense in your online kingdom. Follow this link to rea more about creating strong passwords.
Check Account Balances at the End of the Workday
Automated Clearing House (ACH) transactions are not usually processed until the next business day. If you catch a fraudulent transaction at the end of a business day, you may be able to cancel it before any funds are transferred.
Don't "Friend" Strangers
An article by ID Theft expert, Robert Siciliano should give every CIO and CSO heartburn. Siciliano relates how a white hat hacker used Facebook to breach a company's physical security and infiltrate their network. The same techniques could be used to to hack into online banking accounts. Siciliano says that most people drop their guard on Facebook. And why not? After all, on Facebook, you're surrounded by people you "know, like and trust." The author's bottom line: "Mom told you not to talk to strangers. I'm telling you not to "friend" strangers, because they could be scammers. Scammers are watching. They know that once you are on Facebook, your guard goes way down."
No comments:
Post a Comment