What can you do to protect yourself?
Dual Control
Assign one user the authority to create a transaction and a different user the authority to submit or approve it.
Tokens
An additional security feature in the form of a small, handheld device that provides a unique password with each press of the button. 1st Mariner Bank utilizes tokens provided by VASCO. Click here for more information on the DigiPass260 and to see how it works.
Alerts
With 1st Online alerts, you can now receive notifications, via e-mail, whenever a user creates or submits a transaction or changes their user profile. You can also be alerted to changes in your balance and when a user is added or deleted.
Multi-Factor Authentication
Some online applications require more than one layer of authentication before allowing the user access. For example, entering a user name and password is one layer of authentication. A second layer would be the requirement that you register your computer during the initial log-in. If you sign on from a different computer, you will be asked challenge questions before being allowed to continue. Another example is the image and phrase that shows up on the password screen once you enter your user name. If the image and phrase match, you have landed on the page you intended. If not, you should not enter your password.
See our Fraud Prevention in the Workplace video for more information on Multi-Factor Authentication.
Dedicated Workstation
Designate a specific workstation as the “Banking Workstation” and limit its use to only banking business. This workstation should not be used for web browsing.
Monitor and Balance Your Account Daily
You are the first line of defense against fraudulent activity on your accounts. Make it a practice to log onto your bank’s website daily and review your accounts. Pay special attention to suspicious or unexplained transactions.
Always Update Workstations with the Latest Anti-Virus Software
Technology advances at lightning speed, and so does the number of ways someone can wreak havoc on your accounts and computers. Make sure your anti-virus software and patches are up to date.
How does Reg E protect my business accounts?
The short answer is - IT DOESN'T!
Regulation E, or the Electronic Funds Transfer Act, is specifically geared towards consumers, not businesses. This regulation provides the framework of the rights, liabilities and responsibilities for users of the Electronic Funds Transfer system. It covers:
- ATM Transfers
- Telephone bill payment systems
- Point of Sale (POS) terminal transfers in stores
- Preauthorized transfers from or to a consumer’s account (e.g.: direct deposit)
What are some ways you can mitigate your own risk for cyber attacks?
Positive Pay - Ensure only the checks you write are being cashed.
Positive Pay was created to help prevent fraud on business checking accounts. As checks are issued, the payee name, check number, date and amount are entered in an online banking application. As those checks clear through the bank, they are matched up against the initial information entered by the customer. If there are any discrepancies between the actual check and the information entered, the check is treated as an “exception item” and the customer is notified through the online banking application. This notification allows the customer to decide whether to pay or return the potentially fraudulent item.
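The matching step described above can be sketched as follows. This is an added illustration, not 1st Mariner Bank's system: the `Check` record, the `find_exceptions` function and all sample checks are constructed for the example. It goes one step beyond the text by also flagging a check number that is presented a second time.

```python
from dataclasses import dataclass
from datetime import date
from decimal import Decimal

@dataclass(frozen=True)
class Check:
    number: int
    payee: str
    issued: date
    amount: Decimal

def _norm(name: str) -> str:
    # Compare payees case-insensitively and ignore spacing differences.
    return " ".join(name.upper().split())

def find_exceptions(issue_file, presented):
    """Return (check number, reasons) for every presented item that does
    not match the customer's issue file; clean items produce no entry."""
    register = {c.number: c for c in issue_file}
    paid, exceptions = set(), []
    for item in presented:
        rec, reasons = register.get(item.number), []
        if rec is None:
            reasons.append("check number not in issue file")
        else:
            if item.number in paid:
                reasons.append("duplicate presentment")
            if item.amount != rec.amount:
                reasons.append("amount mismatch")
            if _norm(item.payee) != _norm(rec.payee):
                reasons.append("payee mismatch")
            if item.issued != rec.issued:
                reasons.append("date mismatch")
        if reasons:
            exceptions.append((item.number, reasons))  # customer decides: pay or return
        else:
            paid.add(item.number)
    return exceptions

# Constructed sample data: what the customer entered vs. what cleared.
D = date(2024, 3, 1)
ISSUED = [Check(1001, "Acme Supply Co", D, Decimal("1250.00")),
          Check(1002, "Harbor Freight Lines", D, Decimal("480.75")),
          Check(1003, "J. Rivera", D, Decimal("300.00"))]
PRESENTED = [Check(1001, "ACME SUPPLY CO", D, Decimal("1250.00")),      # clean
             Check(1002, "Harbor Freight Lines", D, Decimal("4800.75")),  # altered amount
             Check(1003, "J. Rivers", D, Decimal("300.00")),              # altered payee
             Check(1001, "Acme Supply Co", D, Decimal("1250.00")),        # presented twice
             Check(2050, "Unknown Payee", D, Decimal("999.00"))]          # never issued

if __name__ == "__main__":
    for number, reasons in find_exceptions(ISSUED, PRESENTED):
        print(number, "; ".join(reasons))
```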
Do Not Share Your Passwords
- Never share your password with anyone! Anything that happens under your log-in is automatically your responsibility.
- If one employee leaves and another is hired, be sure to terminate the departing employee’s access and assign a new user ID for the new employee.
- Always contact Cash Management when an employee who had access to 1st Online leaves your employ. The Cash Management department has the ability to block, delete and add users at your discretion.
Change Passwords.
- Institute the practice of changing passwords every 30 – 90 days.
- Require minimum length and complexity of passwords.
- You should require that passwords be a minimum length of 6 characters and alpha-numeric (a combination of both letters and numbers).
Always lock workstations if leaving them unattended.
- Locking workstations will prohibit unauthorized users from gaining access to programs on your workstation when you are not around.
Always log out of internet sites that you visit.
- Don’t just “X” out of the web browser screen when leaving an internet site. In most instances, the site will still “show” you as logged in, leaving open the possibility of an unauthorized user accessing the information.
Never download shareware programs or files without authorization.
- Never download programs without first verifying the validity of the information.
E-mails are like postcards. ANYONE CAN READ THEM!
- Do not e-mail proprietary information without encryption software.
When will the Bank contact you requesting log-in or account information?
Plain and simple...never.
1st Mariner Bank will NEVER call you requesting your online banking log-in information or your account numbers. If you receive unsolicited calls requesting this information, hang up and contact the Bank immediately.
When is it a good time to perform a “risk-assessment” of your company’s security?
Why not right now?
The link below is a simple and quick questionnaire, containing 10 questions to help determine the adequacy of your company’s security.
Risk Assessment - WHAT ARE YOU DOING TO MITIGATE THE RISKS TO YOUR BUSINESS?
Who can you call to report an issue or ask a question?