<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=4052188&amp;fmt=gif">

As a consultant focusing on security, I often field questions on which products perform better than others, in particular, anti-virus. Every credit union has a form of an antivirus solution both expensive and inexpensive. Some credit unions have more than one on different layers of their network in efforts of implementing multiple layers of security. However many underestimate the most effective solution. 

credit union cyber securityEmployees are the credit unions’ first line of defense. The criminals understand the inherent flaws in human nature, and they prey on it. Flaws include being trusting, courteous, social, curious, fear of authority, desire to help and wanting to be liked. I believe these attributes are more apparent in our industry because of the service-oriented model of credit unions.

Much like antivirus solutions, firewalls, and intrusion prevention systems, employees also need to be updated on the newest methods of attack to foil the ‘bad guys’ from obtaining the credit union’s confidential information. Attacks like phishing, spear-phishing, whaling, website spoofing, and ext. can be thwarted by training employees on current methods of attack. Some training tips include, but are not limited to:

      • When in doubt of a link, type it out
      • Be suspicious without losing positive member service
      • Prior to visiting unfamiliar websites, check reviews
      • New scams and methods for attack
      • Social Engineering
      • Learn to spot criminals pretexting to divulge insignificant data – info may be significant to thieves bypassing multi layered authentication
      • Don’t give phone extensions or e-mail addresses out.
      • Train cleaning crew on social engineering attacks
      • Be aware of connecting ‘freebies’ or items found to your PC (i.e. USB drives/CDs/Keyboards)
      • Share stories with other credit unions
      • Place Google Alert on you and your credit union (google.com/alerts)
      • Test/assess the security posture. Use even the bad test results in a positive way when training
      • Leverage training and compliance by training employees on your risked based Information Security Policy & Program per NCUA Regulation 748 Appendix A
      • Develop a member education program in line with FFIEC’s guidance on multifactor authentication

There is a direct relation to a sound security posture and frequent employee training. So, it is important for your credit union to deploy your credit union’s best asset, employees.  Get the employees engaged and tap into their creativity. Ask employees to think of unique ways to breach the credit union, and then update security procedures and training accordingly.  

By Idrees Rafiq, Jr., AVP IT Consulting, Credit Union Resources, Inc.

Get the 2015 Strategic Planning Guide

You may also like

Is Your Credit Union Ready to Address Liquidity Shortfalls?
Is Your Credit Union Ready to Address Liquidity Shortfalls?
8 January, 2014

Today we're bringing you another guest blog post from our friends over at Credit Union Resources. Bob Rehm, VP, Sales an...

Make People Fall in Love... With Your Credit Union
Make People Fall in Love... With Your Credit Union
12 February, 2014

Let’s talk relationships… Okay, don’t panic! Though extremely important to the overall balance of life and happiness, th...

Credit Union Expert Shares 2014 Strategic Planning Insights
Credit Union Expert Shares 2014 Strategic Planning Insights
11 December, 2013

Today we have a special treat. We're bringing you a guest blog post from our friends over at Credit Union Resources. Dea...