Where Security Fits In Strat Planning (Hint, Everywhere)
NAPLES, Fla.-The steps may be among the most basic, yet they are often overlooked in strategic planning.
That's one reason Wendy Lokken, co-CEO and vice chairman at Lasertec, reminded credit unions to ensure they review their checklists for preventing fraud in 2012, including encrypting every bit of outgoing data, shredding paperwork, backing-up files and changing passwords regularly.
While many of those are already almost automatic for CUs, she said that it's important to remember manual security tasks-such as shredding-along with automatic, digital tasks. "It's very easy to overlook something, but if it's always on your priority list, you're more likely to be proactive about it than to get caught in a situation where you've completely failed in a necessary circumstance."
Lokken reminded credit unions to ensure their strategic partners are also doing similar things, and are in compliance and have strong quality control programs in place to prevent any type of breach that might occur with the transfer of their data-whether it's a core processor or a statement processor.
The member, after all, doesn't blame the vendor, and trust is "imperative, as they are an extension of their protection shield that needs to be provided to their members, and it is a critical partnership."
Additionally, Lokken recommended that CUs-in particular smaller CUs-work closely with state leagues to be sure they have the compliance and security resources necessary, including in-house.
The regulatory burden, she said, "is not going away, but we're all facing it. [Credit unions] have to be prepared. I think you'll find a lot of [credit unions] are designating someone as a compliance security director in their organization, whether that's out of the accounting department or the networks throughout their organization." That may be a tough proposition financially, she said, but "credit unions are going to have to plan for it in their budgets."