• Administrators have to ban employees from downloading and installing unauthorized software.
• Bank policies must also set appropriate approval protocols. Any transaction that involves a wire transfer or an Automated Clearing House transfer must involve two approvers.[6]
Educate Employees
• All employees must be made aware of the dangers of opening or downloading email attachments from unknown sources. Employee awareness is particularly important because there have been many cases where a bank’s computer was infected by a malicious program after an employee clicked an attachment from an unknown source.
• Employees must also be prohibited from sharing confidential information about the institution.
• Employees working in a bank’s call center must always verify the details of a vendor or a consumer who has requested any changes to be made to the billing account.
Harden the Machines Regularly
• A bank’s IT department must make sure that each workstation and Internet-enabled device used in the company has a firewall that is enabled. A firewall blocks all communication from unauthorized sources.
• The department must ensure that the operating system on all PCs receives security updates on a regular basis.
• All PCs must have anti-virus and anti-spyware software installed to detect any malware or malicious programs in the network.
• All wireless networks must be secured and their passwords must be well-protected.