Identity Management At CUs is Lax, StudyFinds
MADISON, Wis. - (03/08/06) Identity management at creditunions, using, protecting and applying a membersconfidential information, is lacking among credit unions, accordingto a new study conducted by IP professionals at credit unions.Among the studys findings: new technologies are rapidlychanging the way identities are managed; the biggestvulnerabilities lie outside faulty software and hardware, but inhow members protect their information outside the system;interoperability among disparate systems is a major hurdle; mostsecurity audits at credit unions occur only after a cyber attack;and regulations requiring multiple layers of authentication areslowing down the validation process for each online user byseconds, adding up to thousands of hours each year. The study,conducted for the University of Wisconsin-Madison, comes asincidents of identity theft like credit card fraud, online phishingand pharming attacks and check counterfeiting are exploding atcredit unions throughout the country and vendors are peddling allforms of newfangled solutions. Of credit unions surveyed, 70%didnt have a formal identity management governance policy;and 75% are concerned about meeting the regulatory requirements ofthe US PATRIOT Act and other anti-terrorist laws. The study whichwas conducted through focus groups, surveys and a case study, wasdone in collaboration between the CU Information ProfessionalsAssociation, the CUNA Technology Council, CUNA Mutual Group, theEducation CU Council, and the University of Wisconsin.