Made Safe in Wyoming provides necessary leadership for state-wide cybersecurity awareness and it brings together valuable resources for enhancing an organization’s cybersecurity. First Federal is proud to support and be involved with this important work.
– Tyler Neeriemer, First Federal Bank & Trust, IT Administrator, Winner of the 2018 Wyoming Cybersecurity Competition for Small Businesses
Advice from First Federal Bank & Trust for Small Businesses
In cyber-mentoring other small businesses, First Federal Bank & Trust talks about three key points to securing your company and points out they are just management issues – any business leader can do this.
|Manage User Access
|Manage Software Updates
|90% of cybersecurity
incidents and breaches
included phishing as an
|80% of critical vulnerabilities
can be mitigated by locking
down administrator rights.
|97% of the observed exploits
in 2014 were via 10 known
vulnerabilities, where a
patch was available.
|2017 Verizon Data Breach
Investigations Report –
2017 – page 2
|2015 Verizon Data Breach
Investigations Report –
First Federal Bank & Trust recommends that its small business customers follow the standard 5 step approach
- Identify – Know what you have – complete an inventory of your devices, software, critical information that needs protected, employee roles, and who your vendors are. Then, do some threat modeling and determine where your vulnerabilities may be whether it is employee training, hardware failure, or being behind in patching your systems.
- Protect – Mitigate the threats and come up with a solution. Talk to a Sheridan County Chamber of Commerce cybersecurity committee member or your cybersecurity team if you don’t know how to fix the problem. FFBT, as a member of that committee, is here to help.
- Detect – Monitor for anomalies, whether it is a strange email, an odd invoice, or increased network traffic. Talk to each other about ‘what’s real.’
- Respond and Recover – Plan for failure by creating your policies and plans, and maybe purchasing cyberliability insurance, to make sure you are ready if the worst happens.
- And then FFBT adds that small business owners should Review the whole process regularly
FFBT feels it has a responsibility to help in Sheridan County and we hope that small business owners throughout our region will take advantage of the Sheridan County Chamber of Commerce Cybersecurity Committee.
Use 2 Factor Authentication for All Financial and Email Products
First Federal Bank & Trust recommends that all business owners use 2 factor authentication wherever possible. It offers a simple, free additional layer of security for business accounts.
What is 2 Factor Authentication? Many of us know this method from our bank accounts, where when we sign onto our online banking, we are asked for a security code that is sent to our cell phone. The computer programs are requiring two contact methods to make sure that you are the right person.
The benefits include:
Improved Security – it decreases the probability that a cyber attacker can gain access to both your email and phone to get to your bank account, for example.
Increases Mobility of Workers – because of 2 factor authentication, having contracted staff members working from home, from a different state, or overseas is more secure because they have to identify themselves in two ways to gain access to company systems.
Increases Productivity – password resets are the 35-40% of help desk calls with an average call time of 20 minutes, but if a user is allowed to reset his/her own password using two factor authentication processes, then productivity is increased on both sides of the equation.
Reduces Identity Theft – for a business, if your software is breached and customer data is stolen, then it will seriously hurt your reputation. Thus, ensuring 2 factor authentication is enabled for company systems and software used is one step in protecting your customers from identity theft.
Advice about Wire Transfers
First Federal Bank & Trust recommends that all banking customers that use wire transfer as a form of payment, establish dual controls in their accounts payable process, including 2 factor authentication, audit frameworks, and other third party security services that are available to you. Train your accounts payable team so they know the latest schemes.
The National Cybersecurity Alliance has some great resources for small businesses at this link.
|Wire Transfer Situation
|Wire transfer request via email from
someone in the company.
|Call them to ask if it is correct and verify account
and routing information.
|Wire transfer request via email outside
|If it is a vendor you know, call to ask if it is correct and
verify account and routing information. If it is someone
you don’t know, delete the email.
|New wire transfer instructions or changes
to existing wire transfer instructions
|Require the change to be placed in writing from the
requester, other than an email request. Verify with your
wire transfer vendor.
|Confidentiality is emphasized in the
|Be really suspicious.
Confirm confirm confirm using the steps above.