NORFOLK, Va. — Credit unions should look at data security not just as a technology issue, but a multi-channel issue, one credit union expert has suggested.
“We don't look at this in terms of technology,” Chartway Federal Credit Union Vice President of E-Business Spencer Jones said. Technology, while it can offer some solutions to identity theft and other issues, is always a game of catch-up, he said.
Jones said, “How you approach the problem is more important than the problem itself…Make yourself a hard target.” He explained how his credit union was phished and found out in time to flood the criminals with worthless information to decrease the value of the real information because they would have to sort through all the junk.
He noted that the financial services agencies, including NCUA, have a deadline of year-end for implementation of multi-factor authentication as needed for high-risk transactions, which primarily deals with IT. But Jones said Chartway looked at it from the perspective of keeping security consistent through all delivery channels including phone services and in the branch. Members want consistency in security, he asserted, so one avenue does not look safer than another. He cited a survey that found 59% of consumers had more confidence in their online banking than in the branch. Well over half of consumers said they would change financial institutions if there were a breach in data security, Jones added. Additionally, member education on phishing scams and other crimes is a solid part of security. He also said, “They are our most difficult part of this equation.” Credit unions need to be prepared to deal with all the consequences and stages of a data security breach, NCUA Examination and Insurance Information Security Officer Roger Blake said. “The good news/bad news story is that credit unions are there at every step,” he said, from the theft to the fraudulent use of information to reporting and investigation to remediation. What credit unions can do to arm themselves is provide protection, seek authentication, respond appropriately to information breaches, and situate the institution to assist the victim. –scooke@cutimes.com
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.