Partnering with you to protect your business financial assets is a priority at Martha's Vineyard Savings Bank. Just as you protect your business from intruders by activating a burglar alarm at closing time, your business computers must be protected from cyber thieves attempting to exploit weaknesses in your computer network.
Here are some suggestions::
- Use a dedicated computer to be used ONLY for online banking purposes. To decrease the risk of virus and malicious software, this PC should not be used for email, social media, or web browsing.
- Use a strong password that is not easily guessed. A unique password or token PIN is the first step of securing your online information. Do not share your password/PIN with anyone. Remember, our employees will never ask for your password.
- Keep operating systems, antivirus and other software up to date. Scan your computers for viruses regularly.
- Be aware of fraud techniques. Fraudsters use official-looking e-mails (Phishing) and websites to lure you into revealing confidential financial information. The messages appear to be from trusted banks, retailers or other companies. Be suspicious of any e-mail with urgent requests to "verify account information." If you receive a suspicious email, do not click on any links or attachments, since they could contain malware. Just delete the email.
- Check your account balances and transaction activity daily and promptly report any suspicious activity to the Bank.
Tips to ensure your computer is secure:
- Update your operating system, browser and software regularly.
- Use anti-virus software and keep it up-to-date including virus definitions.
- Shut down your computer when not in use.
- Set up encryption passwords on your home or office wireless networks.
- Password protect mobile devices.
- Use a firewall.
- Learn about and consider using encryption on laptops, thumb drives and other portable devices.
- You can also review (and download) the Small Business Tip Card
By setting up dual approval, you can decrease the risk of wire or ACH fraud. Dual approval prevents a single user from creating and approving transfers, ACH and Wire transmissions. Best practices recommend procedures in place to segregate duties and require a second set of eyes prior to transmission of these transactions. One person can initiate and a second approves, the approval can be done through online or mobile banking.
STOP, THINK, CONNECT The Stop, Think, Connect campaign helps businesses learn about cybersecurity and provides materials to educate employees about cybersecurity risks and how they can protect themselves. [Find out more].
- Assess risk and identify weaknesses - If your sensitive information is linked to the Internet, then make sure you understand how it's being protected.
- Create a contingency plan - Establish security practices and policies to protect your organization's sensitive information and its employees, patrons, and stakeholders.
- Educate employees - Make sure that employees are routinely educated about new and emerging cyber threats and how to protect your organization's data. Hold them accountable to the Internet security policies and procedures, and require that they use strong passwords and regularly change them.
- Back up critical information - Establish a schedule to perform critical data backups to ensure that critical data is not lost in the event of a cyber attack or natural disaster. Store all backups in remote locations away from the office, and encrypt sensitive data about the organization and its customers. Invest in data loss protection software and use two-factor authentication where possible.
- Secure your Internet connection - Use and regularly update antivirus software and antispyware on all computers. Automate patch deployments across your organization, use a firewall, encrypt data in transit, and hide your Wi-Fi network. Protect all pages on your public-facing websites.
- Create a continuity plan - A continuity plan ensures that of nature, accidents, and technological or attack-related emergencies. Business functions can continue to be performed during a wide range of emergencies, including localized acts. Templates for this type of plan at fema.gov
Protecting Personal Information: A Guide For Business