Three ways to ensure your wide area network is secure

Some credit unions still see the Internet as unmanageable, unreliable, and worse yet, insecure. While this may have been the case years ago, software, hardware and managed service providers are solving these problems with a variety of solutions.


By CU*Answers


Today’s credit union CIO can be overwhelmed with choices and technologies when it comes to ensuring that sensitive member data is secured from branch to headquarters or to backup/disaster recovery facilities and other 3 rd parties. At one time, solutions like Frame Relay made the choice simple. But as bandwidth prices have dropped and bandwidth-intensive applications are being deployed, Frame Relay continued to be expensive and no longer practical. Carrier-based solutions like MPLS offer redundancy options that make it an attractive choice for credit unions concerned about business continuity, but the expense and lack of full end-to-end encryption rightfully causes concern. Other Virtual Private Network technologies allow credit unions to take advantage of the low cost and high redundancy of an Internet WAN, but what do you look for to make sure the necessary security is in place?

One organization recently made the transition from a Frame Relay/ISDN network to an Internet-based network. They did this to reduce their operational expenses, improve bandwidth, and increase the protection of their members’ data while in transit. Here are three areas they looked at to ensure security wasn’t sacrificed in the name of cost and increased productivity.

End-to-End Encryption
Many so-called private line networks are touting security. But when you dig deeper into exactly how security is being provided, you find they are relying on traffic separation to keep member data safe. Although these networks are labeled “private” they are in fact sharing the network with their other customers. Full end-to-end encryption of data is recommended by almost all regulatory institutions that cover financial services companies.

Strong Authentication
Strong mutual authentication serves as a “perfect firewall” of sorts. It eliminates the possibility of an attacker inserting himself into the network via identity spoofing or man-in-the-middle attack. The best option here is going to be networks that provide strong authentication without adding burden to network users.

Dedicated Equipment
Many so-called “private” networks function much like the Internet. Network equipment handles data from many of the users of the “private” network and is vulnerable. Having equipment dedicated to your credit union ensures your information will not cross paths with another institution on the network.

There is a complex landscape facing credit union CIO’s when it comes to network security. Government and industry regulations are getting more stringent and will continue to move in that direction. By including the above criteria with other considerations like cost, ease of use, and ease of implementation, credit union CIO’s can ensure they are offering the highest possible protection for member data without adding unnecessary costs and complexity.

Blue Ridge Networks provides technology and solutions to implement impenetrable communications solutions over the Internet. We have over 10 years of serving organizations with the highest security standards, including U.S. intelligence agencies, banks, and credit unions, without a single reported security vulnerability during that time. We have thousands of users in over 30 countries on our managed networks. Blue Ridge has partnered with CUSO’s like Ongoing Operations to make our solutions available to the credit union industry. Please visit or to learn more.


This sponsored content article is provided to the credit union community for shared insights and knowledge from a recognized solutions provider in the industry. Please note that the views and opinions offered here do not reflect those of Callahan & Associates, and Callahan does not endorse vendors or the solutions they offer.

If you are interested in contributing an article on, please contact our Callahan Media team at or 1-800-446-7453.


Feb. 4, 2008


  • Great article.
  • Strong authentication for both wide area networks and for remote access users is key to preventing security problems that arise from password only solutions. But as the author states, it needs to be easy or no one will adopt it.