Today’s credit union CIO can be overwhelmed with choices and technologies when it comes to ensuring that sensitive member data is secured from branch to headquarters or to backup/disaster recovery facilities and other 3 rd parties. At one time, solutions like Frame Relay made the choice simple. But as bandwidth prices have dropped and bandwidth-intensive applications are being deployed, Frame Relay continued to be expensive and no longer practical. Carrier-based solutions like MPLS offer redundancy options that make it an attractive choice for credit unions concerned about business continuity, but the expense and lack of full end-to-end encryption rightfully causes concern. Other Virtual Private Network technologies allow credit unions to take advantage of the low cost and high redundancy of an Internet WAN, but what do you look for to make sure the necessary security is in place?
One organization recently made the transition from a Frame Relay/ISDN network to an Internet-based network. They did this to reduce their operational expenses, improve bandwidth, and increase the protection of their members’ data while in transit. Here are three areas they looked at to ensure security wasn’t sacrificed in the name of cost and increased productivity.
Many so-called private line networks are touting security. But when you dig deeper into exactly how security is being provided, you find they are relying on traffic separation to keep member data safe. Although these networks are labeled “private” they are in fact sharing the network with their other customers. Full end-to-end encryption of data is recommended by almost all regulatory institutions that cover financial services companies.
Strong mutual authentication serves as a “perfect firewall” of sorts. It eliminates the possibility of an attacker inserting himself into the network via identity spoofing or man-in-the-middle attack. The best option here is going to be networks that provide strong authentication without adding burden to network users.
Many so-called “private” networks function much like the Internet. Network equipment handles data from many of the users of the “private” network and is vulnerable. Having equipment dedicated to your credit union ensures your information will not cross paths with another institution on the network.
There is a complex landscape facing credit union CIO’s when it comes to network security. Government and industry regulations are getting more stringent and will continue to move in that direction. By including the above criteria with other considerations like cost, ease of use, and ease of implementation, credit union CIO’s can ensure they are offering the highest possible protection for member data without adding unnecessary costs and complexity.
Blue Ridge Networks provides technology and solutions to implement impenetrable communications solutions over the Internet. We have over 10 years of serving organizations with the highest security standards, including U.S. intelligence agencies, banks, and credit unions, without a single reported security vulnerability during that time. We have thousands of users in over 30 countries on our managed networks. Blue Ridge has partnered with CUSO’s like Ongoing Operations to make our solutions available to the credit union industry. Please visit http://www.blueridgenetworks.com/solutions/sves.htm or www.ongoingoperations.com to learn more.