The Most Overlooked Aspect in Credit Union Security
There is one big, scary security hole in credit unions that most IT people pass over and I’ve never heard an auditor mention: domain registration and DNS hosting. Whoa, whoa, whoa, DNS sounds technical. And it is. But domain registration is very self explanatory. You’ve seen the GoDaddy commercials (or bought domains in a drunken stupor late at night) so you [...]
Read moreSensitive Compartmented Information (and your money)
For those with military experience out there, you may be familiar with SCI. Actually, you probably can neither confirm nor deny your SCI or non-SCI status. Regardless, for those not in the know, SCI is the step above top secret. You’ve heard the old saying, “It is on a need to know basis, and you [...]
Read moreCredit unions need their head in the clouds
Cloud computing is the wave of the future for all things data related. Amazon started it with EC2 and S3. Microsoft is in it. Salesforce is doing it too. Credit unions are just starting to realize the benefits of virtualization and as more CU’s struggle with income generation, expense control, and capital expenditures, virtualization is [...]
Read moreMore on OpenID
I was just reading an article in Information Week talking more about OpenID and how it has been starting to catch on and is being implemented on mainstream sites, like MySpace. As quickly as they praise it, it rapidly turns around into how many sites enable the use of their OpenID, but they don’t accept [...]
Read moreNo, you can't know what movies I watch!
Blockbuster and Facebook have recently come under attack for some aspects of Beacon, Facebook’s semi-new intrusive marketing tool. Years ago, when I actually worked at Blockbuster, it was fairly well known that you couldn’t divulge what movies someone has watched. Similar to how you have the primary member at a CU, the account holder of [...]
Read moreMore open source news
If it is good enough for the Department of Defense, it should be good enough for CU’s, right? From Colin, the DOD is hosting an open source conference this December in DC. To quote the DoD article, they are, "Fostering collaboration and interoperability across DoD" Just cross out DoD and put in CU. The credit union [...]
Read moreHow well are credit unions prepared for data center outages?
Back in July, 365 Main, a major data center hosting companies such as c|net, Craigslist, e-surance, and the Oakland Raiders, lost power. For most of the day. And 365 Main has the time, money, and resources to make sure that (almost) never happens. Here is the full story straight from 365 Main. Jesse Robbins has a [...]
Read moreFIS Data Leaked
FIS, or Fidelity Information Services, had an employee steal confidential consumer information and sell it. FIS has their official press release here. What would happen if a CU employee decided that their member data was worth something and sold it? How would or should a CU react in this instance? FIS’ press release reads like [...]
Read more
Recent Comments