There are many risks to online banking, but taking these steps can help keep your company safe.
In our always-on, always-connected culture, online banking is ubiquitous, and for good reason. Innovations like mobile deposits, the ability to access your account information, easily send or transfer money between accounts or vendors all make banking easier and more convenient than it’s ever been.
Despite the benefits of online, it comes with some level of risk. If you’ve ever faced identity or credential theft — on either the personal or business level — you know how much of a nightmare it can be to regain control of your accounts and resolve fraudulent activity.
Here are some actionable steps you and your staff can take to keep sensitive information safe while banking online.
Practice Effective Password Hygiene
The majority of cyberattacks originate with either a weak or compromised password, meaning that the best line of defense against online banking attacks is to ensure that password best practices are being enforced throughout your organization.
Create Strong, Unique Passwords for Each Device
The first step is to ensure that your staff are using strong passwords on all devices and services. Naturally, that means making sure that employees aren’t using the name of a spouse, kid, or pet in passwords, as well as low-hanging fruit like “password” or “123456.” Those passwords take literally fractions of a second to compromise.
Instead, passwords should be long and unique. Some of the strongest passwords are a combination of three or four random words. If you want to know more about the current best practices for creating strong password, you can read more in our previous article on the topic.
Store Passwords Properly
Password storage is another element of good password hygiene. If your important passwords are written on a sticky note under your keyboard, you’re at risk. You may think of your office as private, but how many other employees in your business could gain access to it? What about the cleaning crews, security, or maintenance personnel? They all present a cybersecurity vulnerability.
Don’t Reuse Passwords Across Multiple Site
According to research form LogMeIn, an identity and access management vendor, 91% of employees know that they shouldn’t reuse the same password on multiple sites, yet most people (59% of those polled) do it anyway. This lazy behavior is another major cause why bank and financial credentials get compromised as regularly as they do.
A recent update to Google’s Chrome browser now notifies users if stored credentials have been found in breached databases. Employees should be taught to take these warnings seriously.
Enable Two-Factor Authentication
Another important step to take in keeping your business banking accounts secure is to enable two-factor authentication (2FA). With 2FA, your username and password aren’t enough to get into your accounts. You’ll need a second layer, or factor, of authentication.
Popular forms of two-factor authentication include:
- Biometric information, such as retina or fingerprint scans
- Authenticator apps and time-based on-time passwords (TOTP)
- Push-based mobile 2FA
- Text message authentication
2FA is one of the greatest ways that your business can protect itself when online banking, but you’ll need to determine which form of 2FA is right for your network and employees first, as each has its own ideal use cases. If you want help determining which form of 2FA is best suited to protecting your business, or would like an expert to help you deploy a comprehensive 2FA solution to secure all your network endpoints, feel free to contact the Complete Network team to find out more.
Did you know that 80% of passwords can be compromised within 24-hours using consumer-grade password cracking tools?
Avoid Public Wi-Fi Connections
Public Wi-Fi has brought Internet access to places that wouldn’t otherwise have it, providing a new level of convenience and productivity to workers on the go. But as with the convenience of online banking, it comes with a security cost.
Here are some tips for staff conducting banking or financial transactions from the road:
- Educate employees about the difference between HTTP and HTTPS
Encrypted HTTPs connections are much more effective in terms of protecting client information. Inform your employees about the difference and make sure they know never to pass bank or financial information over a standard HTTP connection.
- Establish a Company Virtual Private Network
Having a reliable company Virtual Private Network (VPN) is another great way to keep employee data safe as they surf public WiFi connections. VPNs provide employees outside the office with a secure tunnel through which to surf the Internet, keeping valuable bank data safe from prying eyes.
If you’re in a situation where you have no choice but to use public Wi-Fi, teach employee to stick to WiFi services from reputable brands and vendors, as they’re more likely to have implemented the appropriate security measure.
Train Employees to Be Aware of Fraud
Cybercriminals have always relied on social engineering attacks to compromise bank and financial information. A broad category of attack, social engineering attacks are often targeted at bank and financial details and must be part of any comprehensive cybersecurity defense.
- Phishing and Advanced Malware
Bank details are one of the primary targets of phishing attacks, a topic which we explore in great depth here. Recent forms of malware, like the kind that recently struck JP Morgan, are designed to steal bank and financial data in targeted attacks.
- Vishing and Other Types of Fraud
Some cyber criminals are so bold they’ll call you or your finance department directly, pretending to want to update account details, investigate fraud, or run a charity scam. Defending against these attacks is a straightforward affair, as long as your steady is knowledgeable and prepared.
Your employees are the front line of your cyber defenses, and any staff member working with company financial and banking details must be prepared to protect your organization. To help businesses deal with these threats, Complete Network offers comprehensive cybersecurity vigilance training, that provides customized, ongoing education about the latest cybersecurity threats.
Complete Network Can Help Secure Your Business Banking
As a trusted technology partner to many firms in Albany, New York and Charlotte, North Carolina, Complete Network has decades of experience helping businesses secure technology systems against cyber threat, with a particularly on sensitive banking and financial data.
If you’d like to talk to a friendly cybersecurity expert about securing your technology against online banking fraud and intrusion, call us any time at 877.877.1840 or email us at [email protected].