Banner Bank Commercial Online eGuide

23

Security

Teach employees the basics. Establish security practices and policies for employees, such as appropriate Internet usage guidelines, and set expectations and consequences for policy violations. Train employees to be careful where and how they connect to the Internet. Employees and third parties should only connect to your network using a trusted and secure connection. Do not access Commercial Online via a shared public Wi Fi network. Implement dual control procedures; use of security tokens. When processing high-value transactions such as ACH and wires, there is safety in numbers; have one employee initiate the transaction and a different employee confirm and transmit the transaction. Having a separate set of eyes reviewing a transaction before it heads out the door helps to deter fraudulent activity. Dual control can be enforced in Commercial Online to ensure transactions are processed and approved by two different users. In addition, Banner Bank utilizes security tokens to add an additional level of authentication to ACH and wire transactions. Users are required to enter a unique code from their security devices in order to approve and transmit ACH and wire transactions. Implement Positive Pay services. Positive Pay services are effective tools offered by Banner’s Treasury Management team to assist businesses in identifying check and ACH transactions that may be fraudulent. You provide us with a file of the checks you have issued, and we will compare the items attempting to clear your account against that list. Any mismatches detected will be presented to you for review and to determine whether the items should be paid or returned. ACH items are presented as they attempt to clear your account and you determine if the items are valid and should be paid or returned. You also have the opportunity to add any companies presenting valid ACH items to your approved senders list. Positive Pay services are conveniently accessed through Commercial Online and do not require a separate application. For more information regarding Positive Pay services please contact Banner’s Treasury Management Services team at 877-856-7933. Train employees about the dangers of suspicious emails. Employees need to be suspicious of unsolicited emails asking them to click on a link, open an attachment, or provide account information. Employees should also validate all internal requests for wiring funds received via email to ensure the request is properly authorized. Cyber criminals are adept at creating email requests that appear to be coming from within a company from authorized personnel. When in doubt, employees should be encouraged to ask for assistance in evaluating the source and content of any emails that raise a red flag.

Security: Protecting Your Information