Category: Security

04 Apr 2019
Does Your Bank’s Firewall Perform SSL/TLS Inspection?

Does Your Bank’s Firewall Perform SSL/TLS Inspection?

Does Your Bank’s Firewall Perform SSL/TLS Inspection?

Despite the significant advancements in technology and the sophistication of cyber threats, firewalls remain one of the most proven cyber deterrents. Network firewalls continue to serve as a cornerstone for a solid security strategy. However, some financial institutions have learned the hard way that a misconfigured or out-of-date firewall can leave their networks unprotected. For firewalls to be most effective, they must be able to deliver advanced security services to ensure that various threats are unable to disrupt the integrity of a network.

The Missing Link in Traditional Firewall Technology

Today, the industry standard for transmitting secure data over the internet is known as Secure Sockets Layer, or SSL. A more modern version of this SSL implementation is also known as Transport Layer Security, or TLS. For many companies and financial institutions, there has been a push to implement this technology to securely protect online traffic since it establishes an encrypted link between a web server and a browser. This ensures that all data passed between the server and browser remains private.
While SSL/TLS is effective in protecting the privacy of intercepted data that was transmitted between client and server, it also poses a problem for perimeter security. Legacy firewalls are unable to view the SSL traffic and cannot perform a proper analysis to determine if the encrypted traffic is safe or malicious. This increases the risk of a potential attack, because unsuspecting users can download malicious content and packages that bypass the institution’s perimeter defenses. This can lead to a malware infection or other nefarious activity on the network.

Importance of SSL Inspection

Download the PDFThe 2019 IT Outlook for Community Banking Get a Copy

One key feature that all community banks and credit unions should have as a part of their firewall security strategy is SSL/TLS Inspection. Firewalls with the ability to scan encrypted SSL/TLS traffic have become increasingly important as malware and other cyber threats continue to grow and change. SSL/TLS inspection allows the firewall to decrypt traffic that is being transmitted to and from websites, email communications, and mobile applications. Once the traffic is decrypted, a proper analysis of the content can be performed. After the analysis is complete, the data is re-encrypted and transmitted to the client.

Without deploying this level of inspection, institutions run the risk of effectively introducing a “blind spot” in their traffic analysis mechanisms. This can cause major problems since, according to Cyren’s security researchers, some form of SSL is now being utilized in 37% of all malware. Researchers also substantiated that every major ransomware family since January 2016 has been distributed at some point via SSL/TLS. In addition, the average volume of encrypted internet traffic is now greater than the average volume of unencrypted internet traffic, making the need for SSL/TLS inspection in firewalls even more significant.

To adequately protect the network, financial institutions must implement a new approach to security that goes beyond traditional perimeter protection to safeguard the entire network. While firewalls are still critical to any security strategy, for them to be truly effective, they must evolve and become more sophisticated. Financial institutions must look for ways to better protect the network and identify other features to defend against attacks, and SSL/TLS inspection plays a key role in developing a stronger security ecosystem.

21 Mar 2019
Safe Systems Launches Customer Referral Program

Safe Systems Launches Customer Referral Program

Safe Systems Launches Customer Referral Program

According to our third annual report, “2019 IT Outlook for Community Banking“, nearly 91% of survey respondents claim to turn to their peer network for information when researching a new solution or vendor.

Download the PDFThe 2019 IT Outlook for Community Banking Get a Copy

These confidants provide valuable first-hand information from trusted individuals who have knowledge of the industry and are experiencing similar situations and issues. So, we wanted to provide an opportunity for our customers to conveniently share our more than 25-year journey serving the community banking industry, unique customer experience, and dedicated strategic advisor service, by simply sending their peers to this new webpage – The Safe Systems Way.

In addition to facilitating the easy exchange of information, we have launched a formal customer referral program that provides existing customers with a simple online process to refer Safe Systems to their peers. Customers will be awarded a small gift thanking them for each peer referral, and new customers who come through the referral program will receive an exclusive welcome gift.

At Safe Systems, we strive to provide a high degree of customer service by paying close attention to our customers’ pain points and keeping their needs a priority. This has enabled us to build strong relationships with clients. These relationships combined with extensive knowledge of community banks and credit unions, enables Safe Systems to be a valued partner and true extension of our financial institution clients. We truly understand the complexity that financial institutions face in managing the constant evolution of technology, compliance, and security. Our team works to streamline IT processes for banks and credit unions and ensure regulatory requirements are met or exceeded.

14 Mar 2019
Are You Using the Right Security Layers

Are You Using the Right Security Layers? What Many Banks and Credit Unions Are Using Today

Are You Using the Right Security Layers

Over the past several years, the industry has been impacted by a marked increase in data breaches, ransomware, card fraud, cybersecurity threats, and other malicious attacks. Additionally, an increase in devices connected to networks has made it critical for financial institutions to strengthen their security strategies and policies to ensure all systems are up to date to effectively combat today’s threats.

While history has shown that well-designed single-focus solutions are useful in stopping specific attacks, the capabilities of advanced attacks are now so broad and sophisticated that a single line of defense inevitably fails—opening the way to costly data breaches and other malicious attacks.

To establish a secure IT network and be better protected in today’s digital world, banks and credit unions need to employ a strategy that places many uniquely tailored layers throughout their networks, from the end user to the internet. By employing multiple controls, security layers ensure that gaps or weaknesses in one control, or layer of controls, are compensated for by others.

According to our third annual report, “2019 IT Outlook for Community Banking,” community banks and credit unions are taking this advice to heart and do, in fact, have various security solutions in place to help protect their networks, including:

Firewalls

Download the PDFThe 2019 IT Outlook for Community Banking Get a Copy

The most widely used solution is the firewall. Firewalls have served as part of a network-perimeter defense for more than three decades. However, over the years, as technology and threats change, firewalls must also evolve to keep pace. To ensure they are up to date and able to combat today’s threats, many are adding key functionality to their firewalls as well. According to survey results, 52% of respondents are adding SSL inspection to enhance their solution; 48% are adding sandboxing, threat intelligence feeds, and built-in network automation.

Anti-Virus Software

Anti-Virus software has been a staple for many organizations since the launch of the internet 25 years ago. It is imperative to have up-to-date anti-virus protection on your systems at all times. Ensuring all subscriptions are current will prevent you from getting viruses such as spyware, malware, rootkits, Trojans, phishing attacks, spam attack and other online cyber-threats. Anti-virus solutions are as important as ever.

Encryption

In addition to the firewall and anti-virus software, many banks and credit unions implement a level of encryption over all data, files and transactions. Encoding sensitive data helps prevent hackers from easily accessing information. This form of protection has grown increasingly popular with 84% of survey respondents claiming to be utilizing this security measure today.

Employee Training

Increasingly, banks and credit unions are recognizing employee training as an important security mechanism with 78% of survey respondents citing it. Employees who are not adequately trained on security protocols, procedures, and current issues can quickly become a top vulnerability and security threat for financial institutions. According to survey results, 100% of respondents claim that their employees have fallen victim to a phishing attack in the last 12 months and have been affected by a malware infection. To best mitigate these threats, training for all employees—from tellers and loan officers to the President and CEO—is critical. Thorough training should now include rigorous testing to ensure employees are able to spot security issues.

Vulnerability Scanning

To quickly identify internal threats, network security solutions must now scan and monitor more than just servers. Vulnerability scanning gives community banks and credit unions greater visibility into the network and identifies potential threats on all workstations and devices connected to the network. Banks and credit unions now understand the importance of scans, and 51% of survey respondents perform these scans several times a year.

Other security solutions highlighted in the report include patch management, intelligence feeds, security event log monitoring, endpoint security management, DNS filtering, anti-ransomware, and honeypots.

While all of these solutions have proven to be effective security layers, there is no single security product that will cover all of an institution’s needs and efficiently combat the variety of breaches and attacks the industry sees today. It is essential to implement a layered security approach and select security defenses that fit closely with your institution’s long-term goals as well as support your IT and compliance strategies.
For more information, download our 2019 IT Outlook for Community Banking report.

07 Mar 2019
Cell Phone Porting - Don’t Fall Victim to Phone Number Fraud

Cell Phone Porting – Don’t Fall Victim to Phone Number Fraud

Cell Phone Porting - Don’t Fall Victim to Phone Number Fraud

Increasingly, consumers are sharing their mobile phone numbers to retrieve and change lost passwords, set up new accounts, verify identity, and even for something as simple as securing a dinner reservation. Mobile phone text-based verification has proven extremely convenient but imagine if someone else had access to all of those text messages delivering secret codes required to verify our identities.

While not new, cell phone porting has recently gained traction as yet another way for scammers to hack into your systems, including bank accounts. The most alarming part of this scam is that it can allow hackers to get past added security measures on personal and financial accounts and logins by intercepting the one-time password that many companies send via text message to the mobile device to perform two-factor authentication.

How Does Porting Work?

Once a scammer has your name and phone number, they will attempt to gather personal information such as address, social security number, date of birth, etc. that can be used to impersonate you. Once obtained, they then contact your mobile provider, claim to be you, report your phone as stolen or lost and then request the number be “ported” with another provider and device. Surprisingly (and unfortunately), mobile carriers often grant this request and forgo formal verification procedures.

All calls and texts are then forwarded to the new device and the original phone – your phone — is shut off. Once in control of the mobile number, thieves can request second factor authentication be sent to the newly activated device, such as a one-time code sent via text message or an automated call that reads the one-time code aloud. This enables them to access accounts that require additional security authorization such as email, financial accounts, medical records, social networks – anything you might need to access with a password!

You may not know you are a victim of porting until your phone has lost service and you no longer can access important accounts since the hackers have changed passwords. A phone might also switch to “Emergency Calls Only” status, which is what happens when a phone number has been transferred to another phone.

Download the PDFThe 2019 IT Outlook for Community Banking Get a Copy

There are several steps you can take to protect yourself from falling victim to porting scams:

Contact your Wireless Provider About Port-out Authorization

Most major wireless providers offer an extra layer of security that customers can request, like a unique PIN or verification code, that only you have. This code or PIN must be provided before any changes can be made to your account.

Use Two Phone Numbers

Have two different phone numbers that you use in different ways. Have one number that you give out freely and another one that you never give out and use only as a backup verification tool. You can do this using a free online service, eliminating the need for an additional costly phone plan. Do not share this number with anyone – if it is shared just once it is considered public information! You can’t trust that the other person’s phone is secure or that they won’t share it.

Utilize Apps for Verification

Whenever there is the option, choose the app-based alternative for authentications. Many companies now support third-party authentication apps which can act as powerful two-factor authentication alternatives that are not nearly as easy for thieves to intercept.

In addition to these precautions, be vigilant about communications you receive and watch for alert messages from financial institutions, and texts in response to two-factor authorization requests, especially if you did not initiate the request. Also, if your phone switches to “Emergency Calls Only” mode, it is a sign the number has been compromised. If you do find yourself a victim of this type of scam, contact your mobile provider and financial institutions immediately.

The rise of porting attacks serves as a warning that we not only need to keep our emails secure, but we also need to keep our phone numbers more secure. To protect yourself, consider alternative forms of authentication other than a text message.

21 Feb 2019
Identifying Top Priorities for 2019 - IT Outlook Survey

3 Top Challenges from the 2019 IT Outlook for Community Banking

Identifying Top Priorities for 2019 - IT Outlook Survey

For the third consecutive year, we surveyed community banks and credit unions to gain a better understanding of their current IT situation, top IT priorities and challenges, security and compliance issues as well as future technology investments on the horizon. Our third annual report, “2019 IT Outlook for Community Banking,” analyzes survey feedback from approximately 164 respondents representing a range of community banks and credit unions across the U.S. with asset sizes from less than $100 million to more than $1 billion.

This report is designed to offer community banks and credit unions with valuable peer data that can provide guidance for key IT, compliance and security decisions in 2019 and beyond. The data reinforces that community financial institutions continue to recognize the importance of using technology in the current banking environment and remain committed to investing in new technologies and services as needs evolve. However, they continue to face certain challenges, often related to technology, heading into 2019.

Here are some key IT challenges and trends from the survey results:

Information Security Continues to be the Top Challenge

According to 43% of survey respondents, information security continues to be a top challenge. Falling victim to security breaches and associated attacks is very costly for community banks and credit unions, both from a financial and reputational standpoint. According to Cybersecurity Ventures, the global cost of cybercrime damages will hit $6 trillion annually by 2021. This includes damage and destruction of data, theft of personal and financial data, and disruption to the normal business operations, among others. In addition, as the number of security threats continues to increase in the financial services industry, regulators are taking a closer look at financial institutions’ policies and procedures to ensure that they can effectively safeguard confidential and non-public information. All of this has led to 57% of respondents planning to strengthen and increase budgets for IT security solutions in 2019.

Personnel Expertise and Resources Becoming a Greater Concern

According to 42% of respondents, having the right personnel resources is now a top challenge for their financial institution. Managing an IT network is a very demanding responsibility. An IT administrator needs to truly understand the increasing complexity of IT operations, continuously changing regulatory requirements, FFIEC compliance guidelines, and evolving security threats. However, many community banks and credit unions are often located in areas that lack the qualified personnel resources to efficiently manage these responsibilities, making it financially challenging for them to employ the seasoned IT technology team required. This trend is encouraging community financial institutions to augment their IT departments with outsourced service providers who are able to help them navigate technology, security, and compliance required today.

Keeping Up With Changing Customer Expectations Continues to be a Challenge

Download the PDFThe 2019 IT Outlook for Community Banking Get a Copy

Approximately 42% of survey respondents claim that keeping up with changing customer expectations is their greatest challenge moving into the New Year. The advancement of technology, online banking services, compliance and regulatory requirements plus the growing demand from customers to have 24/7 access to their financial lives, have made the business of banking more challenging. This challenge has led to many institutions making additional technology investments in customer satisfaction or solutions to better meet market needs. According to 55% of survey respondents, this is the main reason or factor for making technology investments in the coming year. Customer satisfaction has become increasingly important and delivering a great customer experience is what gives banks and credit unions a competitive advantage.

Other areas of survey respondents mentioned as challenges include automating manual processes, managing budget restraints, eliminating redundant technology, remaining compliant with changing regulations, reporting and exam preparation, disaster preparedness, and providing secure mobile technology. This is the first year mobile technology was mentioned, but it is no surprise, as more and more consumers are turning to their mobile phones for basic banking tasks, such as depositing checks, checking their balances, and transferring money between accounts.

To gain more insights into the key challenges, goals and opportunities facing banks and credit unions today, please download the full report here.

19 Dec 2018
Safe Systems Launches Banking Bits and Bytes with Brendan Educational Video Series

Safe Systems Launches “Banking Bits and Bytes with Brendan” Educational Video Series

Safe Systems Launches Banking Bits and Bytes with Brendan Educational Video Series

Safe Systems launched a new educational video series, “Banking Bits and Bytes with Brendan,” to help educate and inform customers and the financial services industry on trends and issues the industry is dealing with on a day-to-day basis. Banking Bits and Bytes with Brendan will showcase our Chief Technology Office, Brendan McGowan, who is an expert in all things related to banking technology.

Each video is a small bite of information (approximately 2-3 minutes in duration) that teaches viewers complex technology, compliance, and security topics. The videos will be sorted by topic and can be watched at the viewer’s own pace and convenience.

This video series is subscription-based and a way for us to help educate our customers by leveraging the expertise gained from 25 years serving community financial institutions. As the industry continues to change and evolve at a rapid pace, our knowledgeable staff serves as a valuable asset to guide our customers and help them ensure compliance, streamline processes and provide superior service in their communities. Brendan’s expertise, knowledge, and insights in banking technology will ensure each video is a valuable resource for the industry.

Here at Safe Systems, Brendan oversees the development of strategic technology solutions that support key banking initiatives for community banks and credit unions and enhance their ability to manage IT in an effective and compliant manner. In 2016, he was named to Georgia Southern University’s 2016 40 Under 40 List, which highlights professionals who represent the best young leaders under the age of 40.

The first Banking Bits and Bytes with Brendan video series focuses on Managed Cloud Services, a broad topic where Brendan addresses common questions, dispels myths, and offers advice on the best way to think about and implement a cloud strategy. Each video is hosted on YouTube as well as this website. Subscribers can not only gain access to upcoming lessons, but also exclusive content or advance notice when new lessons become available.

The first two video lessons in the Managed Cloud Services series are now live on our website. To view the video and subscribe to the series, please watch below or visit the Banking Bits and Bytes with Brendan page.

 

05 Dec 2018
Watch More Kids on Banking

More Kids on Banking

This year marks our 25th Anniversary and to honor the occasion, we developed Kids on Banking, which is designed to let us reminisce about our own childhood memories of going to the bank with our parents. While the banking industry has changed quite a bit since we were kids, and most trips to the bank and ATM have been replaced with the use of online banking and the simple use of an app, we were left wondering what it was like to see the banking environment through the eyes of kids today.

So, we asked a few, ranging in age from 5-11 years old for their unscripted opinions on banking and what exactly they think happens in a bank. They were very creative and had some insightful opinions that provided us with enough content to develop not one — but two — videos!

One of the questions we asked was, “How much money is inside the safe at a bank?” Apparently, banks today house a “thousand trillion billion dollars,” or “$399,” or maybe just “$100 or $50.” When it comes to saving money, we learned that “mostly money is saved for college or toys, but mostly toys!”

Watch More Kids on Banking

According to the kids, ATMs are for giving out money. All you have to do is put in a card, type a long random number and then “about a trillion dollars will start coming out.” If only this were true.

According to these kids, the president of the bank is responsible for signing papers and writing a lot of words, controlling the money and taxes, keeping the money safe, telling everyone when to “shut the door in case of a robber” and “people even come to the president to deliver grilled cheese.”

The pneumatic air tube is a favorite piece of banking equipment. It is “the thing that goes Fwsshhh straight up to the man upstairs!” It also is the thing that delivers lollypops and bills.

The kids really got us laughing and reminiscing about how we thought about banking when we were younger.

Check out our second video, More Kids on Banking, for a good laugh and help us celebrate a quarter century of serving community banks and credit unions.

For the last 25 years Safe Systems has worked with more than 600 financial institutions and managed more than 20,000 network devices. Safe Systems has found great success in helping community financial institutions significantly decrease costs, increase IT performance, enhance cybersecurity processes and improve their compliance postures.

28 Nov 2018
What Community Banks and Credit Unions Should Budget for in 2019

What Community Banks and Credit Unions Should Budget for in 2019

What Community Banks and Credit Unions Should Budget for in 2019

As 2018 winds down, banks and credit unions are thinking ahead to 2019. They are determining the new solutions, products, and enhancements needed to meet their strategic plans in 2019 and beyond. In addition, they are evaluating what needs to be updated or upgraded and the processes that can be improved upon.

There are three key areas banks and credit unions should focus on during budgeting season – technology, security and compliance. While lines that separate technology, security, and compliance are blurry at best, 2019 budgeting items for operations fall largely into these three buckets.

Compliance

Complimentary White PaperManaging Risk with Truly Secure Vendor Management Program Get a Copy

While the focus of many examiners has shifted back to financial aspects of institutions, the top three findings our customers report relate to:

  1. Vendor Management – Typically the current vendor management solution (if it exists at all) is deemed inadequate or insufficient. Often the solution doesn’t cover all vendors or provide a way to adequately assess these vendors.
  2. Business Continuity Planning (BCP) – In the mid to late 2000’s many banks and credit unions updated their Business Continuity Plan. However, for many institutions, these plans have remained relatively unchanged for a decade now. Technology and business processes on the other hand, have changed rapidly over the last decade. The Federal Financial Institutions Examination Council (FFIEC) has also updated their guidance to address the current challenges of BCP. If the institution’s plan has not been thoroughly updated in a while, the institution may be at risk of a finding on a future exam.
  3. With both of these findings there may be an additional finding of inadequate management or board oversight. Often these findings happen on the same exam and are followed with a concern with oversight. Many of the calls Safe Systems gets after an exam relate to these issues.

Avoid finding yourself under a Memorandum of Understanding or a Matters Require Attention by budgeting to ensure your compliance processes are up to date.

Vendor Management solutions can run from $2,500 to more than $6,000 per year. Business Continuity Plans can range more significantly from a couple of thousand to more than seven thousand dollars per year. Do some research and find some solutions that would meet your institution’s needs and identify their year one cost and annual cost thereafter.

Security

With attacks on the rise and businesses continually falling victim to cybercrime, security needs to be an institution’s priority. There are innovative solutions coming to market every day to help address security risks. These solutions can help mitigate the risks that your institution faces, but they can also cause confusion on where you should focus your attention. For the next several years, it is in the institution’s best interest to continually focus on the impending security landscape and verify that your budget reflects your strategy.

One place to start is to review your current solutions. Verify that your current investments are still applicable for your ever-changing environment. Upon investigation, you might find features that are available as an add-on to your current solution to help mitigate risk. You may also find holes in your current strategy that may need to be rectified.

Download Free PDFMoving Beyond Traditional Firewall Protection to Develop an Integrated  Security Ecosystem Get a Copy

As of October 2018, 90% of web traffic accessed through Chrome, the most popular web browser, was encrypted. These numbers have been increasing rapidly over the last few years. Many firewalls can only inspect unencrypted web traffic. This was a small risk when encrypted websites were less common. With the sudden rise of encrypted web traffic, many firewalls are NOT equipped to scan this data. It is possible to scan encrypted web traffic, but for many institutions this will require changes and additional investment. The risk of not scanning this encrypted web traffic significantly increases the chances of your institution becoming a victim of a malware outbreak or a data breach. Examiners in some regions have started to pick up on this security hole, and they are encouraging institutions to address this issue.

Another area of concern for institutions is new and emerging threats. Attackers are continually innovating and improving their attack methods, and basic security solutions may not be enough to detect and prevent these advanced attacks. Newer solutions specifically designed to analyze the growing attack techniques have been developed. The use of sandbox technology and machine learning are being tasked to make it more difficult for attackers to be successful. In many instances, these solutions can be imbedded within your perimeter firewall solution. These types of defenses can vastly increase the effectiveness of your security landscape.

Even though your firewall is viewed as a technical security device, it is also the device that grants users access to the internet. The internet has quickly become a business-critical service. When strategizing about upcoming budget aspects, the institution should consider the business risks involved when an internet device causes downtime. There are ways to mitigate internet downtime using high availability solutions. High availability involves having two firewall devices configured in a cluster. If one device fails, the second device seamlessly takes over responsibility so that downtime is avoided.

Additional devices and licensing will also affect the budget. These changes can be small or very large depending on the scope and goals of your strategy. Going forward, have a plan and strategy to deal with the ever-changing security landscape.

Technology

The biggest move in technology over the last half decade has been the move to the cloud. This will continue to be the case in 2019. The cloud offers benefits such as low maintenance, high availability and rapid disaster recovery that can’t be easily or affordably addressed with in-house solutions. The future likely means more servers and business functions moving to the cloud. This likely is where technology spend will move over the next 5 years. Another term for this is Infrastructure as a Service (IaaS). There are three likely situations that will lead to this move and determine how your institution makes the transition.

  1. Your institution desperately needs high availability and/or disaster recovery and is willing to incur the cost of moving from a hardware-based solution to a cloud-based solution.
  2. Your institution’s hardware infrastructure is reaching the end of its life and it is time to purchase all new hardware or move in a new direction. This can be a good time to evaluate your current setup and what is best for the future.
  3. Your institution has some regular hardware turnover scheduled for next year and wants to evaluate slowly moving to the cloud. Instead of buying a new server, it may be time to evaluate what the future of your infrastructure will look like and if the cloud is a long-term solution.

Free eBookEverything You Need to Know About the Cloud Get a Copy

Some vendors pitch the move to IaaS as a cost savings move. There are cost savings involved. No more hardware to buy and maintain; no more electricity to run the devices; no more cooling to keep hardware cool; and the ability to achieve high availability is easier and more efficient. However, the move to IaaS is typically not a cost savings, but a feature advantage. Most institutions will be lucky if they break even with moving to an IaaS model, but they will gain great redundancy, uptime, reliability, and disaster recovery capabilities.

Generic cost estimates are impossible due to the fact that everyone has different infrastructure, needs, wants, etc. But if flexibility and added freedom is something your institution wants or needs, start investigating what IaaS might cost for your institution. This technology has matured greatly over the last few years and continues to evolve, making it viable now and likely the wave of the future.

In moving into 2019, focus on two things. Are my current processes and products adequate? Not have they passed exams this year, but are they mitigating the current risks to the institution? Too often measuring by exams leaves the institution open to a false sense of security and potential exam issues in the future. For compliance, ensure the institution’s processes are thorough, up to date, and adequate to meet the needs of the institution. For technology, consider what the long-term goals of the institution are and start working on a plan to implement these changes. Security is going to need new investments each year for the foreseeable future. The historical solutions for security problems have been successful which has forced criminals to find ways around them. It’s time to realize that the threats have changed, and it is time to address the new threat landscape.

26 Nov 2018
Identifying Top Priorities for 2019 - IT Outlook Survey

Identifying Top Priorities for 2019: Participate In Safe Systems’ Annual IT Outlook Survey for Banks and Credit Unions

Identifying Top Priorities for 2019 - IT Outlook SurveyWe want to hear from you for our annual industry report examining how community banks and credit unions plan to meet their IT, compliance and security needs in 2019.

To better understand banks’ and credit unions’ current IT situation, we have been surveying community banks and credit unions for the last 3 years. Our previous reports highlighted top IT priorities, IT challenges, security concerns and compliance issues, as well as what technologies and investments banks and credit unions plan to leverage in the coming year. We share the information gathered by publishing a white paper; last year’s was “2018 IT Outlook for Community Banks and Credit Unions.” The report is designed to provide community banks and credit unions with valuable peer data that can provide guidance for key IT, compliance and security decisions.

Looking back on 2018, some of the trends we saw included:

  1. Cybersecurity and Information Security Continue to Challenge Banks and Credit Unions
  2. Cybersecurity was the greatest security challenge banks and credit unions foresaw for the year ahead and information security was also a top challenge.

  3. Compliance Continues to be a Challenge
  4. Managing strict, ever-changing government regulations and guidelines is the greatest IT compliance challenge, which has led to the increasing trend of outsourcing compliance needs.

  5. Outsourcing Remains Beneficial and Important for Smaller Institutions
  6. With limited internal resources and expertise, community financial institutions continue to augment their IT departments with outsourced service providers who are able to help them navigate the IT changes and meet examiner expectations.

  7. Technology Investment Continues
  8. Community financial institutions continue to recognize the need for investing in new technologies and services.

  9. Both Community Banks and Credit Unions Have the Same Pain Points
  10. The results indicated that both credit unions and community banks experience many of the same issues related to compliance, IT challenges and staffing constraints.

Other areas the survey focuses on include IT management issues, audit and exam preparation, additional technology challenges, vendor management, business continuity planning, reasons for change and implementation of new services and cloud usage.

We hope you will participate in the 2019 IT Outlook by taking our survey. By completing the survey, you will gain access to this comprehensive year-end report. Your anonymous responses will be aggregated to provide detailed graphs, charts and plenty of insight amongst your peers in the community financial industry.

Begin Survey
31 Oct 2018
NetConnect 2018

Preparing for the Future: The Value of Safe Systems’ NetConnect Customer User Conference

NetConnect 2018

Safe Systems hosted its 2018 NetConnect Customer User Conference October 2-4 in St. Simons Island, Georgia. The three-day conference was designed to bring customers, employees, and vendor partners together to exchange ideas and learn about key technology, compliance, and security best practices and solutions. Banks and credit unions from around the country attended to listen to inspiring keynote speakers and attend sessions designed to educate, motivate, and drive success. The event also included a tradeshow made up of a dozen vendor partners offering additional products and services to Safe Systems’ customers. One of the most critical meetings held during the event is the customer advisory meeting, where the Safe Systems management and product development teams gather feedback from a subset of customers on existing and future products and services.

A key goal of this year’s conference was to provide our banking and credit union customers with the necessary tools and guidance to develop comprehensive cybersecurity programs; meet stringent regulatory demands; and build successful institutions. The event began with an entire day of pre-conference training focused on information security threats, including cyber threats. As these threats continue to evolve, the need for effective IT management and efficient risk management increases. This professional development opportunity helped cultivate the skills needed to effectively create and maintain a comprehensive information security program; communicate effectively with the board; and improve vendor management processes.

NetConnect 2018

This year’s keynote speaker was Bill Treasurer, CEO of Giant Leap Consulting, and author of numerous books about courageous leadership. His speech, “Leading with Courage”, focused on practical strategies for building courageous workers that seek out leadership opportunities, how to step up to challenges, offer innovative ideas, passionately embrace change, and become more productive.

In addition, one of the guest speakers, Erich Kron, a security awareness advocate, led a session on “Hacking the Users: Developing the Human Sensor and Firewall,” which focused on how banks and credit unions can turn people into effective attack sensors and human firewalls. He discussed the real goal of security awareness training, the politics of phishing your users, and how to deal with repeat offenders.

NetConnect provided an atmosphere where customers could exchange ideas and learn more about the latest technologies and trends in the financial services industry. Safe Systems’ product managers led educational sessions, focused on the company’s solutions and services customers use every day, to provide expert training and share tips and tricks to help streamline processes. Safe Systems’ compliance and security teams also led informative sessions and interactive workshops on relevant compliance topics and trends, including how to manage or push back on examiners; steps to take after completing the cybersecurity assessment tool (CAT); and how to respond to and recover from a cyberattack.

NetConnect 2018

During the conference, Safe System’s employees and customers celebrated the company’s 25th anniversary. For more than two decades, Safe Systems has worked with more than 600 financial institutions and managed more than 20,000 network devices. Safe Systems has found great success in helping community financial institutions significantly decrease costs, increase IT performance, enhance cybersecurity processes and improve their compliance postures. With our expertise and experience in the industry, we have a solid understanding of what is coming down the pipeline, how to anticipate trends and have gained a unique perspective into what our customers need. Our talented employees work hard to build strong relationships with our clients and pride themselves on the quality customer service they provide.

Safe Systems strives for the NetConnect event to be an engaging and educational experience where bankers and credit union professionals can gain valuable knowledge on technology, compliance, and security. The company values the customer partnership and the opportunity to seek their direct feedback on current and future services which will ensure success for both parties. Safe Systems continues to provide products and services to help community banks and credit unions strengthen their institutions and build success. Our solutions, combined with our customer service and advisory, arm our customers with the resources they need to succeed in today’s financial environment and beyond.