Online banking has brought a considerable amount of convenience to users, especially businesses who must do a large amount of banking transactions. However, this convenience comes at the potential cost of security.
This article will outline some simple, yet effective practices for businesses to implement when dealing with online banking. Failure to protect against a ‘cyberheist’ of online bank accounts could result in large amounts of lost money, as well as investigations from authorities.
Dedicated Environment for Online Banking
Always use a dedicated ‘online banking only’ computer when accessing anything financially related online. These systems should ideally be a completely distinct computer, with its own custom firewall rules, as well as a unique VPN that is separate from the other business computers. Only bank related websites should be visited, with no exceptions for any other websites. Making an occasional visit to another, non-essential, part of the web defeats the entire purpose of using a dedicated computer.
If a dedicated computer for online banking is not possible, then a ‘live CD’ approach should be taken. A live CD is a disc that allows you to boot into a Linux operating system, and run completely separate from the other operating systems on the computer.
Avoid Microsoft Windows if Possible
Due to its popularity, Windows is the target of the vast majority of malicious software. Microsoft does a good job at patching security holes, but they cannot catch everything. On a basic operating system level, without the aid of anti-viruses and other services, Windows is less secure then other operating system options such as Debian and Ubuntu.
Regardless of what operation system is decided on, a fresh install of the operating system is mandatory, with anti-viruses, firewalls, and VPN’s setup as soon as the system is online.
Keep Everything Up to Date
A general rule of thumb is: if you installed it, patch it. Keeping the operating system and anti-virus up to date is critically important, but it is just as important to keep third party applications, such as browser extensions, up to date as well. Oftentimes malware will target popular browser extensions which have not been updated in order to gain acces to your system. If you have any software on your computer that you do not use, uninstall it from the computer.
Require At Least Two People to Sign Off on Every Transaction
This is one of the most effective security measures, as it is very difficult for malware to get around this step. If having two people sign off on transactions is not possible, then try to setup two step authentication for transactions. Two step authentication will force you to confirm the transaction twice and in two different places (example: two difference email addresses, or an email address and a text message).
Copyright © 2017 Packetworks — Created by Barefoot Creative