CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Compliance
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » Keep Member Data Safe
Operations

Keep Member Data Safe

Employee error often puts sensitive data at risk and into the wrong hands.

December 23, 2013
Jay Isaacson
No Comments
iStock/Thinkstock®

Splashy cybercrimes that feature devious hackers breaking through a giant bank’s firewalls generally make front page news.

But that’s far from the whole story about how consumers’ confidential data gets into the wrong hands. Research shows employee error puts sensitive data at risk far more often.

Verizon data security experts analyzed more than 47,000 data “security incidents” in 2012. In these incidents, the exposure of this sensitive data didn’t necessarily involve crime or result in monetary losses.

subscribefrontline“Error” ranks as the largest threat category, making up 48% of all incidents, according to Verizon’s 2013 Data Breach Investigations Report. Errors included lost devices, errantly addressed emails and faxes, and publishing mistakes.

Threats caused by malware and “misuse”—which covers employees’ violations of data-use policies—tied for second, at 20%.

All credit unions implement various network security measures to protect data against high-tech attacks. But employees also can protect members’ sensitive data with these four measures:

1. Double-check the destination of emails or fax numbers before hitting “send.” Anytime you’re corresponding with a member or third-party vendor that involves sensitive data, first check your credit union’s information security policies to determine if they permit transmitting members’ confidential data in
these ways. If so, best practices recommend you send only encrypted data.

2. Avoid saving data to movable memory devices—and keep your laptop secure if you take it off-site.

Laptops are a major target for thieves. Whenever possible, don’t take a laptop containing members’ confidential data out of the office. If you must, don’t leave the laptop in plain sight in your car, unattended in a coffee shop or library, or in other situations that invite theft.

Member data saved to thumb drives, CDs, or other portable media presents a huge risk. That’s why some credit unions lock down the USB ports and CD/DVD drives on their workstations.

If you have the ability to save member data to external memory devices, don’t lose track of them. Delete the data or destroy the disk as soon as you’ve transferred
the data to its destination.

3. Properly destroy data devices. Just as you’d shred paper documents containing members’ personal information, dispose of data storage devices such as old tape drives, disks, and computer hard drives by rendering them unreadable.

4. Beware of targeted phishing attacks. As a financial services employee, you’re at greater risk than the general public for phishing schemes.

One common phishing attack tricks you into opening an infected email attachment or clicking on a link to an infected website. This automatically installs malicious software (malware) on your work computer, possibly creating a back door into your credit union’s network.

Criminals search social networks such as LinkedIn to discover employers, job titles, and email addresses, and generally send phishing emails to a specific group of employees at a credit union—a tactic called “spear phishing.”

Be careful about any email that contains a link or file, even if the email appears to be from a professional organization or social network to which you belong. Your credit union might have an acceptable use policy prohibiting employees from using credit union-owned computers for personal purposes, including surfing the Internet and/or checking personal email.

These four measures cover only some of the employee-related data security exposures. Your security policies undoubtedly cover current scenarios. Your best protection is understanding your policies, being aware of how you interact with members’ data, and guarding against errors and targeted scams.

JAY ISAACSON is credit union protection product management director for CUNA Mutual Group.


This article first appeared in Credit Union Front Line Newsletter, the monthly sales and service newsletter for branch staff and their managers.

KEYWORDS error malware phishing security
  • Related Articles

    Empowering Employees to Serve Members

    Understand Your Sales Culture

    Mobile Malware: Faster, Better, Cheaper

Jay Isaacson

Keep Member Data Safe

More from this author

Post a comment to this article

Report Abusive Comment

Subscriber Exclusives Break-through branding

Break-through branding: Build an emotional connection

When Elevations Credit Union expanded into two new counties, senior leadership set out to tell its story in a bold, fresh way.
How technology transforms marketing

How technology transforms marketing

Artificial intelligence improves member conversions, engagement, and retention.
Analytics drives journey toward data nirvana

Analytics drives journey toward 'data nirvana'

Data analytics can provide the 'oh wow' moment of discovering member behavior.
Subscribe Now

Trending

  • It's time to expand our cooperative principles

  • Compliance: Checklist consolidates final rules, regs from 2018

  • Change is unconventional

Tweets by CUNA_News

Polls

Who should be the 2019 Credit Union Hero of the Year?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors