Latest Stories

    Celero Insights

    Filter By Categories

    CU at Home blog series: Part 2 – cyber security best practices

    May 01, 2020

    With the spread of COVID-19, many employees across Canada have been asked to work from home and practice social distancing. Employers and employees will need to work together to protect the health of employees and clients, and to keep the workplace delivering its essential services.


    We know that credit unions in Canada often rely on in-person interactions with co-workers and members, so this shift to working from home can be challenging for many. To help Canadian credit unions smoothly transition to a new work style, Celero has created a three-part blog series on  considerations for remote working practices.

     

    As part two of our blog series, Celero has gathered some information that can help your credit union remains secure while working from home.

     

    Cyber security best practices

     

    COVID-19 is a perfect storm for cyber-attacks because organizations are focused on business continuity and protecting their employees and customers. There’s a myriad of communications going out about COVID-19 from government organizations, private businesses and non-profits and people are fearful and looking for answers.

     

    The top ways that malicious actors are delivering cyber-attacks are through phishing, malicious apps, bad domains, insecure endpoints and posing as healthcare, government and financial institutions. Mitigating these threats requires vigilance and a commitment to being cyber resilient. It’s a ripe environment for threat actors to execute attacks with fear tactics disguised amongst authentic COVID-19 communications.

     

    Key security practices for credit unions during this precarious time are:

    • Multi-factor authentication
    • Access management processes
    • Extreme caution with COVID-19 related emails, attachments, hyperlinks, social media and texts
    • Use trusted courses (government, etc.) for COVID-19 information
    • Phishing tests and good practices can help provide security awareness
    • Changing passwords on a regular basis
    • Good home network hygiene. Employees are bringing corporate assets into what could be termed a semi-hostile environment. Credit unions should ensure employees have anti-malware, anti-virus, proper patches and updated routers.

    Remote access practices

     

    Logging off of your VPN daily is also an essential step to keeping your devices secure. Employees should only connect to VPN during business hours rather than having a 24/7 connection. If one device is compromised it provides a secure gateway to enter the network.

     

    It is recommended that employees use a corporate provided secured device to be your primary device. If they must use a home device, make sure it is properly secured and that they only use the device for professional use not personal to avoid any compromises. Celero clients can visit the Celero eStore if to find secure devices for employees.

     

    Beyond logging off VPN, Celero recommends that you shut down your computer at the end of each business day. Some of the benefits of shutting down your computer daily includes:

    • Allowing your computer to address any driver malfunctions
    • Ensuring there are no other applications running in the background
    • Protecting your equipment from power surges
    • Preventing the opportunity for malicious activity to take place in your absence

    Using online conferencing tools securely

     

    With an increase in threats (scams, malware, ransomware, phishing attacks)​ appearing globally, security is top of mind for many in the industry. Additionally, with a shift to a remote workforce there has been a significant uptake in businesses using video conferencing tools. Chief Information Security Officer at Celero, Bently Rolf provided some tips to ensure your video conferencing/meeting tools are more secure.

    • Enable a meeting password where applicable to prevent attackers from joining your meeting
    • Remove embedded password in URL by default is critical
    • Don’t allow participants to rename themselves
    • Only allow one participant to share at a time

    Next week – in part 3 of this series, we will be focusing on mental health while working from home.

     

    Please reach out to your Celero Account Executive or contact us here if Celero can do anything to help your credit union through these uncertain times.

     

    Related posts:

    CU at Home blog series: Part 1 – working remotely and what's worked for Celero

    Three fintech solutions for COVID-19 challenges

    Introducing the Aura™ instant issuance program

    Resources to Assist with Your Organization’s Pandemic Preparedness

    Fraudsters Exploiting Covid-19 for Profit

     

    Subscribe to Celero Insights.

    Subscribe Email