Testing alerts
The best defense is a good offense. To keep your online banking information secure, think like a target and use protective tools. We’re here to help with both. Here are five plays to run in a successful offense:
Make sure your software programs, such as those provided by Microsoft, Intel (formerly McAfee), Symantec, Apple and other companies, are up-to-date to keep your computer clean from known software and routines that would breach your security practices.
You need a good computer. Resist the urge to save money by purchasing from an unknown source. The risk of malware isn’t worth it.
You need a good password, a well-managed computer or mobile device, and a secure internet connection at home. The best password scheme is to have a different password for each website that is not the same as the password that protects your computer or mobile device. Use a password manager to help keep track of multiple passwords.
Take online banking security seriously, and follow all of these precautions.
Budget to protect your security. When it comes to making a decision on hardware or software, cutting corners on quality to save money will only put your finances and identity at risk.
Guard against emails and websites that try to steal your information or your money.
As a rule of thumb, NEVER open emails or click links in an email from people you don’t know. Also, even if you do know the sender, it makes sense to hover your mouse over the link (or button or banner) and verify that the link goes to a trusted site.
Your online security depends much upon the security of your computer, mobile device or tablet. Follow three simple steps to protect them.
Most computer operating systems and program applications have settings for that allow for automatic updates, including those that relate to user security. It is suggested that users allow those updates to automatically be installed on their computer, thereby providing ongoing protection against current and known threats. You can usually go online, to official websites, and find out if you have the most current version of operating systems and applications.
No firewall and anti-virus software can defend against theft of, or physical access to, your computer or mobile device. Take precautions by requiring a password to log on to the connected device, and require that password to get past the screen saver.
Your computer cache is a specialized form of computer memory. Cache is designed to speed up the computer by prioritizing its contents for quick access.
Users are cautioned to be careful about permitting their web browser to cache information (login IDs, passwords, user name, etc.) which contains banking or other critical and private information. To monitor and control your browser cache try these steps: (1) go the Help page of your browser, (2) search for “clear cache,” and follow the directions.
Businesses should assign a high-priority to their online security and ensure appropriate resources to support that priority.
Think Strategically
Determine the relative importance of information maintained by the company and the means of accessing that information.
Windows-based office computers should be running the most recent Professional (not “Home”) version of Windows
Screen savers should be enabled after a few minutes of inactivity and require the domain user name and password.
Laptops should have a Trusted Platform Module (TPM) installed so that the information on the hard drive can be protected via a good encryption scheme.
Strong passwords should be required by domain policy.
Every day each computer should verify that it is up-to-date with current operating system patches, software updates and malware protection.
Develop your people to protect your business
The people in your company are about the biggest risk to information security you’ve got. Regularly and often train your people in security best-practices.
Business-grade tools
Consumer-grade software tools are generally insufficient for businesses. Your business must be able to manage technology components, preferably from more than one location. Business technology assets that must be managed centrally, not just individually, would include:
Employee access and control (user accounts)
Your internet domain name
Your website (not the same as your domain name)
Computers (software installation, updates and patches)
Software
Mobile devices
The file server
The internal network traffic (firewalls, routers, switches, et al)
Wireless access points
The phone system (especially if it’s a VOIP system)
Surveillance cameras (especially if they are wireless)
Doors
If your company has a dozen computers or more, protect sensitive information with well-formed, centralized management. In most cases, employees should not be allowed to install software on their computer, and the company should know when computers on its network are running out-of-date virus software – and be able to fix that problem quickly.
Small businesses can manage their systems on an individual, ad hoc basis. If your company has more than 10 employees, it should take a good, hard look at the people and the technology that stand in front of (not behind) its information. Perhaps it is time to hire an outside expert.
Peoples Bank has extensive resources devoted solely to online security.
It starts with rigorous technology requirements, for itself and its partners. Extensive reviews and audits are regularly conducted. High standards and ethical behavior are demanded and received by employees and the employees of partners and vendors. The bank’s systems are protected by multiple physical and digital access control. The bank’s databases are protected by multi-factor authentication and off-set data connections. In addition, thousands of different types of transactions are constantly monitored for unusual or excessive activity. All of this requires substantial investment and resources, of a magnitude that is simply out of the reach of smaller institutions.
Nobody can protect against each and every threat. But Peoples Bank is doing all it can with known technology resources and insight to protect its information, your information.
User authentication
We go to great efforts to make sure that the person attempting to log in to an account on has been approved and is qualified to do so.
A customer can’t just get to their account online without first telling us the account should have such access.
At the time of account setup, the customer’s verified email account is used to make sure that only the person with access to that email account can begin the process of online account access.
The user id is never the email address.
The password is never emailed. A temporary password is emailed and intended to be used immediately. It is sent to the email address already set up on the account and does not include the additional piece of information needed to login, the user id.
The password to our online system has a rigorous requirement of length and character combination.
Please talk to your knowledgeable and trained Peoples Bank employee if you have questions about online account access.
