By Brad Atkin, CPA, CISA, CITP, SOC – Shareholder, IT Advisory and Security Group

With the COVID-19 pandemic requiring many credit union employees to work remotely, the National Credit Union Administration (NCUA) warns they should be strictly adhering to their organizations’ information security, and privacy policies and procedures. The organization has also outlined some key cybersecurity considerations your credit union should keep in mind as employees are working remotely.

Security Incident Prevention

Management should provide employees with effective training materials on common cyberattack ploys and share best practices for working remotely, such as those outlined below, to assist in mitigating potential cybersecurity risks to the credit union.

  • Avoid having family members use devices designated for work
  • Encrypt sensitive information
  • Keep devices physically secure
  • Establish strong, unique passwords for all log-ins and devices on home network
  • Ensure firewall capabilities available through internet service providers are being leveraged
  • Implement the strongest wireless security options available
  • Update software regularly
  • Maintain antivirus software and ensure timely updates

Security Incident Response

Credit unions should be prepared in the event a cyberattack does occur with proper policies and procedures. Furthermore, employees should be asked to follow protocol in the event they believe they have been compromised, such as:

  • Disconnecting the device(s) from all internet connectivity
  • Keeping the computer on to preserve forensic evidence
  • Reporting the incident to the credit union immediately

Doeren Mayhew has a team of cybersecurity advisors to assist you in making sure your credit union’s controls, and policies and procedures help mitigate the potential for a cyberattack. Contact us today.