Technology Guidance for Bank and Credit Union Professionals

A collection of advice by InetSolution about programming, security, design and marketing for bank and credit union professionals.

Latest Entries


Failover or Disaster Recovery Sites on a Budget for Banks and Credit Unions

Posted by Jason Sherrill

Banks and credit unions should plan ahead for a fast and efficient response if their main website is ever hacked or defaced in any way. One key preparation step is to have a failover or disaster recovery website that is always online, free from infection of any malicious code, and ready to replace the main website temporarily. Unfortunately, not all content management systems or website platforms allow for multi-server web farms or geographically distributed systems. Even when the platform does support it, not all banks and credit unions can afford the costs. Let's look at a way that banks and credit unions can do failover on a budget.

Stop Using This Word To Refer to Talented Human Beings

Posted by Jason Sherrill

There are a few terms that people commonly use in corporate America today that make employees feel more like machines than talented souls with the capability to deliver meaningful work and positive customer interactions. Managers often use one of these words frequently and casually without knowing that it invokes cringes and barely discerinble muttering form the most talented people in the room.

Upgrade Your Website CMS to Meet New FFIEC Guidelines with Multi-Factor Authentication

Posted by Matt Davis

The latest FFIEC security guidelines recommend that financial institutions add multi-factor authentication (MFA) to all Internet systems, including website content management systems. Most website content management systems do not yet provide multi-factor authentication, but we have a solution for that.

Usability Tip: Use Consistent Terminology That Users Understand

Posted by Jason Sherrill

In this video post, I share advice that is applicable to all websites, but is a topic that we encounter frequently on bank and credit union websites and nearly always have to address. Fixing usually takes just a few minutes and will make your website easier to use and support for your customers.


Plan for Browser Obsolescence to Keep Moving Forward

Posted by Jason Sherrill

It’s 2015 and many banks and credit unions are still spending time and money supporting Internet Explorer 7 and 8 while simultaneously trying to move forward building modern responsive websites optimized to take advantage of current desktop and mobile technologies. How should a bank or credit union determine when to stop officially supporting old browser versions on their websites?


CPAs Should Employ Methods to Protect Client Data

Posted by Jason Sherrill

Certified Public Accountants handle enormous amounts of sensitive data when working with their business and individual clients, but many CPAs are not aware of the risk that they're subjecting their clients to when they send or receive documents through many common sharing methods today. Let’s look at three of the most common methods by which CPAs unwittingly put customer data at risk.


A Customer Reported Suspicious Pop-ups on Your Website. Has it Been Hacked?

Posted by Jason Sherrill

This is one of those calls that makes the hair stand up on your neck. A customer calls your service center distressed because she is seeing suspicious looking pop-ups for credit reports, free loans, or unseemly products when she visits your site. She is concerned that your website has been hacked. You have followed good security practices and your trusted security partner has said that there is no malicious code on your website. What could be causing your customer to see this unusual pop-ups touting free credit scores or credit card offers only when she visits your website?


Critical Website Assets Every Bank and Credit Union Must Own

Posted by Jason Sherrill

I work with many new banks and credit unions every month to help them launch new websites, migrate websites into new hosting environments, and help put DDoS mitigation and other security protections in place. A surprising number of the financial institutions that come to us for help are in a very precarious position with regard to ownership and access to the control mechanisms critical web properties, including their domain registrar account and DNS administration. When time is of the essence, not knowing who holds the keys to these web properties can create significant delays in getting services transferred or restored. If you’re a bank or credit union executive responsible for managing disaster recovery or information security risks, you should set aside some time today to ensure that you know who manages these three important assets.


Why Delivered Secure Reports the IP Address and UserAgent String of Recipients

Posted by Jason Sherrill

A Delivered Secure user recently asked what the External IP Address and Browser UserAgent String values are that we provided in an email notification when someone picks up a file you’ve sent. These two pieces of information help to form an audit trail and provide the sender of the secure message a level of validation that that person who received the files is intended recipient. Are there any security risks associated with highlighting this already public information? Let’s explore that question further.

“How much will this project cost?” May not be the Best First Question to Ask

Posted by Jason Sherrill

Usually the first question prospective clients hope I can answer quickly is, “How much is this going to cost?” That’s a reasonable question, but unless you know exactly what you want and can provide detailed specifications to your development team, you're not likely to receive an estimate with high degree of accuracy. In most situations, you'll achieve a better outcome by sharing your budget amount with a trustworthy partner and asking, "I have X dollars available for this project. How can I best maximize my value in this project?"

Bank Website Being Flagged as Phishing Site?

Posted by Jason Sherrill

Banks are naturally concerned when a customer reports that her security software is identifying the bank's website as a potential phishing site. In many cases, these reports are false positives and do not mean that someone has compromised your website, but there are steps that you should take to ensure the safety of your website and to assure your customers that the site is safe. 

Peninsula Bank Unveils New Modern Website

Posted by Jason Sherrill

Peninsula Bank is nestled in Michigan’s Upper Peninsula, a region where you can still have snowball fights in July, but people are unusually warm & friendly. When the awesome folks there asked us if we could help them modernize their website, we were happy to oblige.

Mintuition.org Makes its Debut

Posted by Jason Sherrill

The Filene Research Institute unveiled its latest cool web app called Mintuition (www.mintuition.org). Mintuition will help students and parents better evaluate college and career choices by helping to quantify the Return on Tuition a student can expect after completing a degree from various colleges. Filene gets all the credit for the data analysis and fancy algorithms driving the web app, but we’re quite proud of the responsive design and slick code driving the app. 

Removing Meta Data from Documents on Bank Websites

Posted by Jason Sherrill

When you upload documents, such as PDFs or Word files, to your website you may be unwittingly divulging information that could prove useful to hackers and other outside parties. If you’ve had any sort of vulnerability assessment performed on your website, you may see a reference to this metadata existing on your website. While it’s a relatively low risk threat, to stay in the good graces of your risk department, you’ll likely want to remove this data from documents before you publish to your website.

Delivered Secure v4.0 Brings New Drop Off Feature and Security Enhancements

Posted by Jason Sherrill

Delivered Secure, our secure messaging and document delivery web app, is getting a handy new feature and some security enhancements. The new Drop Off feature will be especially useful for loan officers in banks and credit unions. 

Complex Passwords Harder to Crack, but It May Not Matter

Posted by Jason Sherrill

If your organization provides any computer security training at all then it should be no news to you that long, complex passwords are more difficult to crack than the more simple passwords that most users choose today; however, nearly all people I’ve talked who work in banks don’t realize how fast their passwords can be cracked by today’s modern computers. Many people will be surprised at this chart. 

Unusual E-mail Marketing Move That Caught My Attention

Posted by Jason Sherrill

Email marketers are used to a majority of recipients ignore their email campaigns. After ignoring dozens or more, Stonyfield finally did something yesterday that got me to open one of their campaigns, and I loved it!

Why a simple typo may be leaking your business's private data

Posted by InetSolution STaff

Have you ever mistyped an email address? Ever had someone misspell yours? Email address typos occur all the time, and these misspellings can actually be a very large security concern for your business.

Are you choosing a good password?

Posted by InetSolution STaff

Passwords, ugh, don't you hate them? Passwords are a shared annoyance and inconvenience for all of us these days. Passwords are our main line of defense to verify we are who we say we are and to protect our identity and data. Since passwords are such a critical component to our daily technology lives we've been forced to make them less "guessable" more cryptic and thus harder to remember. The most common technique for making your password has been to take a word, it is called a pass-WORD after all, and add some capitals, a number and then maybe some funky symbol like #, % or !. This is great, but surprisingly enough, this isn't really as secure as it could be AND it's silly hard to remember. Today the witty folks at xkcd, an online daily comic for techie nerds such as ourselves, posted a great little comic covering this topic.

5 Creative Uses for Secure File Exchange

Posted by InetSolution STaff

Secure File Exchange is one of those apps that we just love to work on because there are so many creative ways our customer's using it. So, we figured we would share a few:
Displaying results 21-40 (of 74)
 1 2 3 4 

Blog RSS Feed

Request a Consultation

Let us help you accomplish big goals.