Recently Facebook experienced the largest one-day drop in history when it’s stock price plummeted $41.24, which turned out to be a decrease just shy of 20%. Facebook’s stock price has proven to be volatile throughout 2018 between decreasing user engagement, the Cambridge Analytica data breach, and Zuckerberg’s highly televised testimony to Congress. However, the biggest hit came at the end of July when Facebook released its Q2 earnings report, which unsettled investors once they saw a decline in active Facebook users, new obstacles emerging from Europe’s updated privacy laws, and concerns regarding the monetization of ads on Instagram leading to an overarching concern about Facebook’s potential profitability moving forward. Despite the variety of issues that led to Facebook’s demise in the stock market, the source of these problems all stems from one place: Security.
Facebook has been open about their neglect in protecting the privacy of their users, which ultimately led to a decline in user activity, and heightened focus on the protection and security of consumer data. In his testimony to Congress, Mark Zuckerberg took responsibility for Facebook’s missteps in regulating privacy: "It's not enough to give people control of their information, we have to make sure developers they've given it to are protecting it too." The Facebook scandal has been a cautionary tale not only within the social media space, but across all industries that have reasonable responsibility for their user’s data. For the financial industry especially, it’s more important than ever to ensure member information is protected and secure.
The number of cyber security breaches worldwide is staggering, and credit unions are no exception (click on the infographic to the right to see the figures). According to the Credit Union Times, there were 134 security breaches in the financial industry alone, which surmounted to 3,122,090 compromised member records in 2017. Financial institutions are cracking down on their security protocol to evaluate and improve upon existing procedures to better member privacy. Here are security measures that credit unions need to be thinking about to have a scandal-free year:
Think Like a Hacker
Look for holes in your network that hackers could easily penetrate. In most cases, hackers target small credit unions that they believe will have weak malware protection. Use rigorous security and privacy protocols to deter hackers from stealing member data, as they're more likely to give up when the going gets tough.
Use Vendors You Trust
There have been several instances of leaked member data due to technology vendors not having the same level of scrutiny when it comes to security. Reach out to your core system provider and ask about the security services they offer. This might include, firewall services, gateway-based antivirus, web filtering, intrusion prevention, remote vulnerability assessments, data security, off-site data backups, system saves and more. Whoever you partner with for your credit union's cyber security measures should have your best interest in mind and be as concerned about protecting your member's data as you are.
Monitor Your Staff
Ensuring loans are approved and dispersed by different staff members (centralized lending) is a best practice for credit union security. Fraud becomes an issue when the same person works on a loan all the way through as it opens up the possibilities for embezzlement and fictitious loans. Furthermore, embezzlers will manipulate data to conceal suspicious activity, such as failing to post delinquent payments, advancing payment dates, changing interest rates and payment amounts, as well as changing payment frequency. Any of these items would be cause for concern, and definitely warrant an investigation into that employee’s records.
Consistently assessing your infrastructure for security and privacy weakness is the best way to keep your system protected from data breaches. As learned from Facebook and Mark Zuckerberg, when security isn’t top of mind it leads to a degradation in user data protection and it will only be a matter of time before their privacy is compromised. Monitoring security is an ongoing challenge for many credit unions, but it’s well worth the investment.