In the fight against fraud, arm yourself with knowledge.
The National Cyber Security Alliance offer the 5 Steps to Better Business Cybersecurity Guide:
Take inventory of key technologies you use and know what information you need to rebuild your infrastructure from scratch. Inventory is the key data you use and store and keep track of likely threats.
- Document assets
- Determine location
- Locate all key data
Assess what protective measures you need to have in place to be as prepared as possible for a cyber incident. Put protective policies in place for technologies, data and users, and ensure that your contracts with cloud and other technology service providers include the same protections.
- Obtain support contracts
- Install security updates and patches
- Frequently backup systems and data
- Segment your network
- Secure Mobile devices
- Secure your Wifi
- Secure your Email
- Ensure strong contracts with Cloud service providers
- Secure Payment card systems
- Consider Cyber Insurance
- Limit employee access to data and systems
- Use strong passwords and authentication
- Secure Remote access
- Ensure Data privacy
Put measures in place to alert you about current or imminent threats to system integrity, or loss or compromise of data. Train your users to identify and speedily report threats or incidents.
- Email – Monitor messages blocked by email filters.
- Network – Monitor network traffic in and out of your network
- Desktop – Monitor antivirus messages
- Storage – Monitor disk health and utilization
- Users – Train users to know what incidents and attacks need to be reported
Make and practice an incidence response plan to contain an attack or incident and maintain business operations in the short term.
- Utilize spares and backups
- Know how to stop an attack, stop exfiltration of data, and collect forensic evidence.
- Know who to contact for advice - security incident response specialists and legal counsel.
Know what to do to return to normal business operations after an incident. Protect sensitive data and your business reputation over the long term.
- Create a disaster recovery plan
- Know data breach notification requirements
This 5-step approach follows guidance from the "Framework for Improving Critical Infrastructure Cybersecurity." For additional resources please visit: http://www.bbb.org/cybersecurity; http://stopthinkconnect.org/; https://us-cert.cisa.gov/resources.
- Protect all accounting documents by locking away check stock, signature equipment, invoices and critical account information.
- Monitor your employees. Screen new hires carefully and train them accordingly. Separate accounting responsibilities, making payables and receivables processing different work positions.
- Monitor the movement of employees, vendors and contractors in and out of your offices.
- Update bank signature cards and systems access whenever personnel or procedures change.
- Review and revise accounting processes periodically to ensure that they meet your company's needs. Exercise due care in drafting and preparing checks and other withdrawal instruments.
- Maintain separate accounts for payables and receivables to eliminate the payment of fraudulent invoices.
- Sweep or transfer extra funds into a savings account when not needed
- Conduct audits of various check-control duties. Reconcile and monitor account activity frequently.
- Examine bank statements punctually. Failure to do so may result in the company bearing liability for loss. To speed up the process, consider utilizing online statements and viewing check images and deposit images online.
- Keep an updated list of which employees have company credit, debit or ATM cards, along with their account numbers, expiration dates and limits. Make sure employees sign company cards immediately upon receipt.
- Keep card fraud department phone numbers handy.
- Cancel and destroy unused cards.
- Keep track of card receipts. Ask that they be submitted for any expense reimbursements. Review credit card and bank account statements for unexplained changes.
- Order a copy of your firm's credit report at least annually and look for unauthorized applications, unfamiliar credit accounts, credit inquiries, defaults and any delinquencies of which you were unaware.
- Review your business insurance policy to determine if it provides appropriate coverage.
- Report losses promptly.
Starion Bank is a full-service financial institution with branches in North Dakota and Wisconsin.