We are pleased to offer various financial services and products via the Internet. Delivering these services requires a solid security framework that can protect you and your Credit Union from outside intrusion. The information below summarizes our security framework which incorporates the latest proven technologies. In addition, we included some ‘Best Practices’ for keeping your home computer and network secure.
BCEFCU.com resides on a network monitored 24/7/365. Our servers use the latest technology and are continually updated to meet the latest standards in security. There are several levels of security within our network framework, which are protected by both hardware and software firewalls. This is the first line of defense.
Protecting our members and giving them the safest web experience when visiting BCEFCU.com is top priority. We secure online connections with cryptography and Secure Sockets Layer (SSL) protocol. Our servers are setup to continually run system scans for Viruses and Malware. We have monitors setup to alert us of any suspicious activity and any downtime that may occur.
There are several components of security that ensure the confidentiality of information sent across the Internet. The first level of security requires your use of a fully SSL-compliant browser. SSL is an open protocol that allows a user’s browser to establish a secure channel for communicating with our Internet server. SSL utilizes highly effective cryptography techniques between your browser and our server to ensure that the information being passed is authentic, cannot be deciphered, and has not been altered en route. SSL also utilizes a digitally signed certificate, which ensures that you are truly communicating with the specific server intended and not a third party trying to intercept the transaction.
Web Visitor Responsibilities
While we constantly evaluate and implement the latest improvements in Internet security technology, users also have responsibility for the security of their information. Some basic recommendations are listed below:
- Migrate to a modern operating system (OS) and hardware platform. Both Windows 7 and Vista provide substantial security enhancements over earlier Windows workstation operating systems such as XP. Many of these security features are enabled by default and help prevent many common attack vectors. In addition, implementing the 64-bit mode of the OS on a 64-bit hardware platform substantially increases the effort of an adversary to attain a system or root compromise. For any Windows-based OS, verify that Windows Update is configured to provide updates automatically.
- Utilize the latest version of a browser. The major browsers are: Internet Explorer, Safari, Mozilla Firefox, and Google Chrome.
- Security codes and passwords should be kept confidential. Change it frequently to ensure that the information cannot be guessed or used by others.
- Be sure others are not watching you enter information on the keyboard when using the system.
- Never leave your computer unattended while logged in to Online Banking or other sites requiring login credentials. Others may approach your computer and gain access to your account information while you are away.
- Click Exit when you are finished using the system to properly end your session. Once a session has been ended, no further transactions can be processed until you log on to the system again.
- Close your browser when you are finished. This will prevent other individuals from viewing any account information displayed on your computer.
- Keep your computer free of viruses and spyware. Use virus and spyware protection software and keep it current. Routinely check on the integrity of your computer.
Email Best Practices
Personal email accounts are common attack targets. The following recommendations will help reduce your exposure to email-based threats:
- In order to limit exposure both at work and home, consider using different usernames for home and work email addresses. Unique usernames make it more difficult for someone targeting your work account to also target you via your personal accounts.
- Setting “out-of-office messages” on personal email accounts is not recommended, as this can confirm to spammers that your email address is legitimate and also provides awareness to unknown parties as to your activities.
- Always use secure email protocols if possible when accessing email, particularly if using a wireless network. Secure email protocols include Secure IMAP and Secure POP3. These protocols, or “always use SSL” for web-based email, can be configured in the options for most email clients. Secure email prevents others from reading email while in transit between your computer and the mail server.
- Unsolicited emails containing attachments or links should be considered suspicious. If the identity of the sender can’t be verified, consider deleting the email without opening. For those emails with embedded links, open your browser and navigate to the web site either by its well-known web address or search for the site using a common search engine. Be wary of an email requesting personal information such as a password, credit card number or social security number. Any web service that you currently conduct business with should already have this information.
Ensure that passwords and challenge responses are properly protected since they provide access to large amounts of personal and financial information. Passwords should be strong, unique for each account, and difficult to guess. A strong password should be at least 10 characters long and contain multiple character types (lowercase, uppercase, numbers, and special characters). A unique password should be used for each account to prevent an attacker from gaining access to multiple accounts if any one password is compromised.
Remember, the above is general information, and each of us must be diligent in keeping up with security. The openness of the internet, is what makes it great, but also allows for some vulnerability.
There are many good resources on, “Best Practices for Keeping Your Home Computer Secure”. One such site is the governments’ National Security Agency’s site. Here’s a link to their site – http://www.nsa.gov/ia/
We look forward to serving your financial needs today and into the future – securely!