Click to return to BOL home page
Banker Store eCard Exchange Vendor Connect Career Connect Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads BOL Conferences CrimeDex Em@il Education FREE Briefings Record Retention
 

Support for BOL is provided by:

MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    FACTA/FCRA

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Operations Tools

    SAR Resrch Guide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch
Em@il Education

Examiner's Corner

Executive Briefing

Infovault

Launch Pad

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
CrimeDex

Em@il Education

ID Verification

Record Retention


~ ~ ~
SHOP 

Banker Store
Bankers Info Ntwk
Vendor Connect

CONNECT 

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

BOL Recipes

eCard Exchange

LEARN MORE 

About Advertising
About Our Sponsors
About Us

Print Friendly! Email This Article! Discuss NOW!

Securing the Little Things
by Andy Zavoina, BOL Guru
Guru Bios

Ernst & Young sent a letter on February 13, 2006 warning clients that their Social Security Numbers may have been compromised. An employee's laptop was stolen from the employee's locked car. The laptop was password-protected and this appears to be a random act of thievery more than an attempt to gain corporate information. So while risks are minimal, they exist.

In a letter dated February 17 of this year to 9,000 current and former employees, McAfee (the anti-virus company) revealed that the employees' confidential data, names and Social Security Numbers may have been compromised. In this case, McAfee's accounting firm, Deloitte & Touche, lost an unencrypted CD with the data. The CD was unmarked and left in the back of an airplane seat pocket with some music CDs.

Ernst & Young and McAfee have offered to pay the cost of credit monitoring for those affected.

First Horizon Mortgage recently sent out 2,400 breach notices after someone broke into its Lake Oswego office and stole a computer with customer information. The theft was on January 30. The notice was sent February 24. The company attributed this delay to be the time needed to verify which customers were affected.

This raises the question each financial institution should ask: "What if this happened to us?" Employees try to work hard and they may take work home with them. Many must travel with data. Precautions must be taken.
  • Do you have policies and procedures that require encryption?
  • Are laptops and PDAs with your customer data, bank-owned or not, password protected, and how secure are they?
  • How would you identify the compromised data -- through recent backups?
  • How would you handle a lost and recovered device with data, and would you know if it had been accessed?
  • What is your plan for notification of a breach?
The questions above need to be answered in advance of a loss. Trying to do this in the midst of a crisis could increase the chance of an error and delay your response, damage your reputation, and lead to greater damage.

Related link:
  • Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice PDF;   text

First published on BankersOnline.com 3/10/06


Privacy Policy    Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.