Credit Unions Must Secure Members’ Personal Information
Thanks to reporter Tina Orem for her article, “Consumers Do Little to Protect Finances: Study,” which summarized the results of Kapersky Labs and B2B International's Consumer Security Risks Survey 2014.
Consumers’ unprotected personal information is a constant alarm bell in my ear that should be ringing across our industry. As the CEO of a company focused on helping financial organizations safeguard consumers’ personally identifiable information, I find the article cringe-worthy. More than 90% of respondents store their personal data on all of their Internet-enabled devices. And while only 38% take precautions when using free public Wi-Fi systems, it also should be noted that just a quarter of them have separate passwords for each online account. Further, nearly half of respondents store their passwords on sticky notes or scratchpads, which are often left in plain sight.
But as Orem rightly pointed out, especially troubling for our industry is the 40% of those surveyed who expect their financial institution to reimburse them when their accounts are hacked, with no questions asked.
The fact is, credit unions and banks are responsible for securing members’ PII. But it should be a hand-in-glove effort and it's up to us to tackle the issue two ways: For members, it's urgent to provide regular information about protecting personal data – not just in a tab somewhere on the website, but prominently displayed as a constant reminder. And for the industry's part, we need to handle consumer data differently. The old ways of safeguarding data are insufficient. It's time to adopt encryption-at-rest technology on all servers where member data is being stored, rather than relying on firewalls.
Consumers have higher confidence in their financial institutions than they do in retailers, credit card companies and, for that matter, the federal government. But that trust could be shattered with a mouse click. If PII is stolen – through personal carelessness or a system attack – the member may be severely inconvenienced. But it's the credit union's bottom line that ultimately will suffer, along with its reputation.
Virtual StrongBox, Inc.