CU Portal

..:: CU Portal ::..

Home

Services

Products

Hosted Services

CU Portal

Announcements

Secured Gateways for Credit Unions - 8-Apr-2005
Kryptec.net provides a secure access gateway for those credit unions that do not have the time or the capital resources to build a secured network infrastructure that is compliant with NCUA Part 748 or GLB Section 500. SIGMA which stands for Secure Internet Gateway-Managed Access provides you with the tools to do so. For more information contact Brian Ross at bross@kryptec.net

NCUA Letters

ATMs: Triple DES Encryption

Authentication in Internet Banking

Computer Software Patch Management

Electronic Data Security Overview

E-Mail and Internet Related Fraudulent Schemes

Fraudulent Newspaper Advertisements/Websites

Weblinking: Identifying Risks & Risk Management

Recent Cyber Attacks

Internet/E-Mail Fraud Alert
Recently, there have been multiple e-mail fraud attempts, known as "Phishing”, that were initiated via e-mail sent to both the general public and to some credit union members that appeared to be from NCUA.
read more...

Pornography and Marketing - Sunday, January 22, 2006
Controling the assault of Non-Solicited pornography and marketing.

Recent Cyber Attacks - Sunday, January 22, 2006
Alert that focuses on raising awareness that financial institutions are becoming more popular prey for attacks.

The President’s Task Force on Identity Theft was established by Executive Order 13402 on May 10, 2006, launching a new era in the fight against identity theft. Recognizing the heavy financial and emotional toll that identity theft exacts from its victims, and the severe burden it places on the economy, President Bush called for a coordinated approach among government agencies to combat this crime.

The President’s charge was to craft a strategic plan aiming to make the federal government’s efforts more effective and efficient in the areas of identity theft awareness, prevention, detection, and prosecution. To meet that charge, the Task Force, chaired by Attorney General Alberto R. Gonzales and co-chaired by Federal Trade Commission Chairman Deborah Platt Majoras, focused on several areas:

Law Enforcement
Education
Government safeguards

The Task Force conducted meetings, spoke with stakeholders, and invited public comment on key issues. The recommendations that comprise the strategic plan are designed to strengthen the efforts of federal, state, and local law enforcement officers; to educate consumers and businesses on deterring, detecting, and defending against identity theft; to assist law enforcement officers in apprehending and prosecuting identity thieves; and to increase the safeguards used by federal agencies and the private sector with respect to the personal data they hold.

NCUA 12 CFR Part 748

Federally mandates that all federal credit unions develop an comprehensive internal security program. This program is designed to protect each credit union from robberies, burglaries, larcenies, and embezzlement; Ensure the security and confidentiality of member records, protect against anticipated threats or hazards to he security or integrity of such records, protect against unauthorized access to or use of such records that could result in substantial harm or serious inconvenience to a member; assist in the identification of a person who commits or attempts to commit such actions and protect against the destruction of vital records.

Safe guards designed by this program are intended to: (1) insure the security and confidentiality of customer records and information; (2) protect against any anticipated threats or hazards to the security or integrity of such records; and (3) protect against unauthorized access to or use of such records or information that would result in substantial harm or inconvenience to any customer.

NCUA regulations require that federally-insured credit unions have a written security program designed to protect each credit union from robberies, burglaries, embezzlement, and assist in the identification of persons who attempt such crimes. Expanding the environment of protection to include threats or hazards to member information systems is a natural fit within a comprehensive security program. To evaluate compliance, the NCUA will expand its review of credit union security programs and annual certifications. This review will take place during safety and soundness examinations for federal credit unions and within the established oversight procedures for state-chartered, federally-insured credit unions. If a credit union fails to establish a security program meeting the regulatory objectives, the NCUA Board could take a variety of administrative actions. The Board could use its cease and desist authority, including its authority to require affirmative action to correct deficiencies in a credit union’s security program. 12 U.S.C. 1786(e) and (f). In addition, the Board could employ its authority to impose civil money penalties. 12 U.S.C. 1786(k). Finding that a credit union is in violation of the requirements of §748.0(b)(2) would typically result only if a credit union fails to establish a written policy or its written policy is insufficient to reasonably address the objectives set out in the proposed regulation.