With new technology comes new risk. We see this often in our daily lives. Keyless entry and remote start for cars are convenient, but it didn't take long for thieves to come up with a device that lets them steal cars that use key fobs. Wi-Fi is essential to efficiency in our home and office, but even with complicated passwords, it can cause security nightmares. Mobile banking is a necessary offering to remain competitive, but Remote Deposit Capture (RDC) opens you up to a new kind of credit union fraud. A recent analysis of 400 FIs found that of all fraud cases involving mobile banking apps, 72 percent included remote deposit capture (RDC) and the use of fraudulent checks.

One cyber security breach can ruin a credit union. If member data is stolen, members will rightfully lose trust in their credit union. Today's expectations for data security are high and that includes your members' expectations. Cyber security is not just the concern of the IT department, it is a responsibility of each credit union staff member as well. A careless use of information can impact everyone. Here are some tips on ways you can help be part of your credit union's data security force. 

Credit union board members are not only responsible for the financial security of their institution, but also the proper safeguarding of member sensitive information. Proper safeguards ensure a credit union's ability to serve its membership, tasks that are accomplished through the adoption of technology as member behavior changes. The best way to ensure your board of directors understands the importance of technology is to remind them of this responsibility and build the business case to make the decisions easier. Here are 3 reasons why your board should consider technology upgrades to be a major priority as you plan for 2017:

With the remote workforce continuing its increase, businesses need solutions for supporting remote employees and screen sharing. Whether to troubleshoot PC issues with tech support or accessing a PC from home on a Saturday, most would agree that remote access is convenient. Credit unions also typically partner with external technology vendors to offer advanced services that are propelling credit union growth. As is the case with any technology, support is inevitable, and every vendor uses a different way for remote PC access to troubleshoot issues. This leaves many asking: How does remote access impact cybersecurity at my credit union?

In  June 2015, the FFIEC released a Cybersecurity Assessment Tool to assist credit union management with assessing their institution’s risk and needs for cyber security preparedness. The assessment is incredibly thorough and consequently extensive in length. With an ample cybersecurity assessment provided to credit unions at no cost, institutions were left unarmed against the obstacle of completing the lengthy assessment, organizing responses and interpreting the results. Several alternate solutions are starting to emerge in the credit union industry, including interactive workbook tools that utilize a spreadsheet, but is a spreadsheet your best option?

Identifying and preventing internal credit union fraud shouldn't rest solely on the shoulders of senior management, Wells Fargo taught us that last week. Certainly, your board and senior management are vital in this process, but credit unions should be using a combination of technology tools in conjunction with their data processing system, including data analytics, reporting and robust “trust, but verify” employee policies. Experts say that most fraud cases could have been detected early or perhaps prevented had credit unions maintained fundamental internal controls.

The credit union industry has long been a target of cyber criminals, but in recent years, it's the smaller credit unions that have come under the greatest number of attacks. Smaller credit unions and banks (less than $35 million in assets) accounted for 81% of hacking and malware breaches in the financial industry during the first six months of 2016, a 54% increase over 2015.¹ Malware is a broad term used to describe all sorts of malicious software including viruses, spyware, trojans, worms, and more.  It is up to credit unions to stop this trend by putting into place measures that thwart these attacks. Here are 5 implementations credit unions should consider to protect themselves from malware:

The National institute of Standards and Technology (NIST) announced in July a significant change to secure authentication recommendations that will impact core credit union mobile banking.  With draft 800-63B, NIST issued a special publication named ‘Digital Authentication Guideline’ for ‘Authentication and Lifecycle Management’ in which they deprecated their recommendation of using SMS as a delivery mechanism for one-time-passwords for two-factor authentication.

Cyber threats are constantly making headlines, and earlier this month FLEX was featured on CUInsight with the article Why Credit Unions Should Start Selling Cyber Security. Credit unions can and should make cybersecurity a competitive advantage.

Apple has made headlines recently for not providing assistance in unlocking suspect’s iPhones in a number of criminal cases, stating that respect for their customer’s data and privacy is of the highest importance. The iPhone is a communication device, not a security product, yet the Apple culture and focus on defense has made the iPhone’s security a competitive advantage that is attractive to consumers.