Online Security Resource Center
Five Star Bank is committed to the security of our customers' information and cyber awareness. As threats continue to evolve, it is imperative that you and your staff understand the risks to help minimize risk of a breach within your company or at home. We have outlined some key terms below with some recommendations on how to help minimize risk around these threats.
Training: As valuable as our employees are, they can also pose the greatest risk. Companies should implement monthly training and testing to keep employees updated on current cyber risks and trends. Testing can help identify employees that need additional training on how to recognize Phishing attempts.
Email Security: Threats around email continue to be the main avenue for breaches. Most BEC, Ransomware, and other breaches can be tied back to malicious links or attachments received through email, which an employee clicked on or opened. Companies should understand these risks and implement security measures, such as Multi-Factor Authentication, SPF/DMARC/DKIM, Advanced Threat Protection, and Suspicious Event Alerting to minimize risk to the company, infrastructure, and the employee.
Multi-Factor Authentication (MFA):This should be turned on for any and all services that are accessible outside of your infrastructure. Office 365, Salesforce, Online Banking, VPN, and other websites that contain financial, healthcare, or other personally identifiable information (PII) should have MFA enabled to minimize your risk.
Business Email Compromise (BEC): In 2019, BEC scams cost US businesses $3.5 Billion. A majority of these scams are initiated by email. A procedural change as it relates to email requests can help minimize this risk. Companies should consider implementing a “call back” procedure to a known good phone number for any request around wires, ACH, payroll, vendor account number and address changes requested through email.
Patch Management: It is important to keep systems updated with the most current patches. A centralized application will help administer deployment of key patches to endpoints. However, if a centralized application is not available, make sure to set your computers to auto-updated when critical patches are released.
Anti-Malware: A good endpoint security solution should include anti-malware, intrusion prevention, and firewall to minimize exposure to malware.
Firewall: A firewall should be turned on for the endpoints as well as the perimeter of the network. Key components, like Geo-IP Filtering, Content Filtering, and other controls on a network perimeter firewall will help minimize risk to malicious traffic entering your network.
Vulnerability Scanner: A vulnerability scanner is useful in verifying that patch levels have been updated, applications are secure, and helps to identify additional security holes. Microsoft occasionally issues patches which also require a manual registry update to apply the patch, and periodically this step is missed. A vulnerability scanner should be able to identify any missing registry keys associated with a patch.
Incident Response: No one ever thinks they are going to be the next victim. However, having a good incident response plan that outlines key personnel and their responsibilities will greatly streamline recovery in the event of an incident.
Disaster Recovery: Clean backups are required to ensure a successful recovery after a breach. Make sure key data, applications, and resources are backed up.
Cyber Insurance: Cyber insurance can help minimize financial risk to the company in case of an incident.
Additional Security Information
Information on the CIS Critical Security Controls
If you have any questions, please contact us.