Thursday, December 27, 2012

Forrester report finds US tablet ownership doubled this year

Forrester Research has come out with its annual report on technology consumption in the US, and tablets are certainly gaining popularity.

Image source: Article
Although slightly lower than Pew Research's figures, Forrester deduced from its nigh 60,000-strong survey that 19 percent of 'mericans over the age of 18 own at least one tablet -- double the number the research outfit noted last year.

The whole report isn't available to the public, but why not use the time you would've spent reading it inspecting what's under the tree, and hoping you'll be responsible for upping those tablet stats in next year's report.

Read the blog to access the report.

Wednesday, December 26, 2012

Public WiFi Threats Dissected

You have heard the loudly voiced fears: Signing onto open, unmanaged, public WiFi networks is about as smart, and safe, as unprotected public sex with strangers.

Image source: Article
Everything up to and including identity theft is blamed on public WiFi -- and yet most of us continue to use it. A recent study, for instance, says 55 percent of mobile devices use public WiFi.

All the threats are reasonably accurately portrayed, but you know what is missing? Quantification of how often users on public WiFi networks are compromised and what costs or damages ensued.

Do you allow your members to bank online using public WiFi? Should you?

Friday, December 21, 2012

From CRM to “Big Data,” why a step back can be a step forward

Are banks in general shying away from technological advances, such as the use of “Big Data” analytics, because the issue is just too complex to get a handle on? Will mobile banking and mobile payments ever become mainstream, and, if so, when?

Image source: Article
A lot of banks can’t afford that kind of research and development and they depend on third parties.

Isn’t one of the arguments that if banks don’t do it, other competitors will?

What is your CU's position on Big Data? Read the article to see what other banks think.

Thursday, December 20, 2012

Banks Spend Way More On Info Tech Than Any Other Business

Measured as a percentage of revenues, financial services firms spend more on IT than any other industry.

Image source: Article
The reasons for a higher use of IT in the banking industry are manifold. Financial service firms have to fulfill exacting regulatory requirements which translate into IT costs that do not contribute to the firms’ earnings.

Furthermore, banks rely heavily on IT in their back offices as well as their distribution channels.

How much does your CU spend on IT? Read the article to see how you stack up.

Wednesday, December 19, 2012

Using Data and Analytics to Fight Fraud

As financial institutions enhance the data they are willing to apply toward helping alleviate fraudulent activity, it could have a game-changing impact in the fight against fraud.

Image source: expetec1202
Fraud still poses a very real threat to financial institutions and businesses because, in most cases, they bear the majority of the financial burden.

Lawmakers have recently passed legislation designed to detect and protect consumers, businesses and financial institutions from a multitude of fraud schemes, but are laws alone enough to contain the rising threat of fraud?

Does your CU lean on laws to help protect against fraud? Read the article to see what the author of this article has to say.

Tuesday, December 18, 2012

Social Media: The Next Big Payments Platform?

Payments upstarts like Dwolla and Chirpify are aiming to capitalize on social media's popularity.

Image source: Article
But the question remains whether consumers will flock to a system that lets the world know what they're buying.

Watch the video to see where things are headed.

Friday, December 14, 2012

Managing Mobile Risk – Avoiding Information Governance Mine Fields

Despite the challenges, CUs can rein in the information governance risks with common sense and the latest technologies.

Image source: Article
Most Credit Unions don’t practice what they preach when it comes to information governance.

Centralized document management, formal information management lifecycles, and proof of governance policy enforcement have all become non-negotiable elements in many firms’ policy management and enforcement protocols. And they influence firms’ choices of technology.

What does your CU information governance program look like? Read the article to learn more.

Thursday, December 13, 2012

DDoS Attacks Against US Banks Peaked At 60 Gbps

Some of the distributed denial-of-service (DDoS) attacks that targeted the websites of U.S. financial institutions this week have peaked at 60 Gbps.

Image source: NSS Labs
A group calling itself "Izz ad-Din al-Qassam Cyber Fighters" launched a series of DDoS attacks against the websites of several U.S. banks during September and October, severely disrupting online and mobile banking services for extended periods of time.

The attacks are not that much different from the ones in September and October. There are some changes in the tools being used, but they are not significant.

Most banks and their providers are better prepared to defend against DDoS attacks now than they were two months ago. How does your CU stack up?

Tuesday, December 11, 2012

Cyber Terrorists Threaten Fresh Attacks Against U.S. Banks

A group claiming to be aligned with Islamic terrorism that launched a massive attack against U.S. bank websites in the fall has threatened another round, set to start this week.

Image source: Article
n the last round of attacks, security experts told FOX Business the perpetrators created a so-called “botnet” of compromised Web servers that it used to carry out the attack. The Web servers, the experts said, provided more horsepower than the personal computers because of their higher-level access to Internet infrastructure and less limiting bandwidth restrictions.

Without spoiling the article, side channel attacks could threaten cloud security in a big way. It's best to be prepared. Read the article to start getting prepared.

Friday, December 7, 2012

Sophisticated Smartphone Hacking: 36 Million Euros Banking Theft

A sophisticated digital attack involving smart mobile phones has been used to steal 36 million euros or 47 million dollars from corporate and private banking customers across Europe.

Image source: Article
The attack appears to have emanated from cybercrime servers in the Ukraine.

Android and Blackberry mobile devices have been specifically targeted, showing that attacks against Android devices are now a growing trend.

What are your thoughts, observations and views? Read the article to read more about "ZITMO" or "Zeus-In-The-MObile".

Wednesday, December 5, 2012

Sophisticated Zeus Campaign Stole €36 Million From 30,000 Bank Accounts

The Eurograbber campaign, as it has been named, used custom versions of Zeus and Zeus in the mobile (ZITMO) Trojans to bypass the two-factor authentication measures to compromise customer bank accounts.

Image source: Article
The sophisticated Zeus campaign stole an estimated €36 million, or $47 million, from over 30,000 customers across more than 30 banks in Europe this summer.

The attack intercepted SMS messages sent to customers to confirm financial transactions.

Does your CU protect your SMS channel? Read the article to see how these banks fell victim to this expensive campaign.

Tuesday, December 4, 2012

Good Vault launches two-factor authentication for iPhones

Good Technology announced Good Vault, a system for adding two-factor authentication to the iPhone 4 and 4S for access to Good for Enterprise email.

Image source: Article
The system will be especially valuable for government agencies and companies in highly regulated industries, such as healthcare and financial services, where it's critical to ensure that data is protected from unauthorized users if an employee's smartphone is lost or stolen.

With the Vault system, one of two sleeves is attached to the iPhone: One that can read a smart card or one that can read a microSD card, he said. Once either of the sleeves is in place, inserting the microSD or smart card becomes one component of the two-factor identification process, while typing in a PIN is the second. Once authenticated, users would have access to Good for Enterprise email.

Read the article to learn more about protecting access to the iOS platform.

Monday, December 3, 2012

Using Cloud for Disaster Recovery

Use of cloud for DR solutions is becoming more common, even the organizations which are not using cloud for mission critical production applications are moving towards using cloud for application DR.

Image source: Article
The article covers some of the best practices and lessons learned from the Cloud DR solutions we have implemented so far.

What does your CU do for disaster recovery? Read the article to see all tips and tricks and best practices.

Friday, November 30, 2012

Bank Agrees to Reimburse Hacking Victim $300K in Precedent-Setting Case

In a case watched closely by banks and their commercial customers, a financial institution in Maine has agreed to reimburse a construction company $345,000 that was lost to hackers after a court ruled that the bank’s security practices were “commercially unreasonable.”

Image source: Article
People’s United Bank has agreed to pay Patco Construction Company all the money it lost to hackers in 2009, plus about $45,000 in interest, after intruders installed malware on Patco’s computers and stole its banking credentials to siphon money from its account.

Although the UCC places some burden on the customer to “exercise ordering care,” the court found that it was unclear what obligations a customer had when the bank’s security system was found to be commercially unreasonable.

How much does your CU have to lose for not taking the right steps to protect your members?

Thursday, November 29, 2012

Online Service Offers Bank Robbers for Hire

An online service boldly advertised in the cyber underground lets miscreants hire accomplices in several major U.S. cities to help empty bank accounts, steal tax refunds and intercept fraudulent purchases of high-dollar merchandise.

Image source: Article
The service, advertised on exclusive, Russian-language forums that cater to cybercrooks, claims to have willing and ready foot soldiers for hire in California, Florida, Illinois and New York.

The proprietors of this service say it will take 40-45 percent of the value of the theft, depending on the amount stolen.

In 2010, the U.S. Justice Department targeted one such network in New York City, charging more than three dozen J1s with knowingly assisting in the theft of funds from organizations that had been victimized by cyber fraud. But was that enough? Read the article to find out more about these e-robbers.

Monday, November 26, 2012

Big Data in Banking: Driving Value in Next Best Action

It’s difficult to read a banking technology article or go to a conference without hearing about big data.

Image source: Article
Most of us now believe that big data is more than just hype, that it can offer business benefits to those that can leverage big data into new business capabilities.

But a common question I hear is “How does it relate to my day-to-day business? What does a “big data” business use case look like?”

What does Big Data look like for your CU?

Monday, November 19, 2012

Best BYOD management: Work zones for smartphones

Anthony Perkins wants employees at BNY Mellon to bring their personal smartphones to work and use those instead of company-issued BlackBerries to access business email, applications and data.

Image source: Scoop.it
But there's a catch: Not all employees are comfortable with the prospect of having their personal phones locked down and controlled as tightly as the BlackBerries that Perkins would like to phase out. That's where the notion of containerization comes in.

Because corporate apps and data are often mixed in with the user's personal content, mobile device management (MDM) tools tend to be very strict when it comes to managing corporate resources on users' phones. Usage policies often apply to the entire device, covering both personal and professional apps and data. Users may not be willing to give up control of their personal phones in exchange for the privilege of using them for business.

Where is your CU investing in BYOD? Mobile containers or MDM?

Monday, November 12, 2012

imsmartin presents identity theft trends and protections

Sean Martin, CISSP, and founder of imsmartin consulting, presented to a group of over 100 attendees during the Firefighter's National Credit Union Summit. The group represents the growing National Coalition of Firefighters Credit Unions.

Image source: Advioso
Identities are at the core of nearly everything that takes place within a credit union. And, with the number of fraudulent attempts to use a stolen identity increasing dramatically, credit unions must take a good hard look at how they are managing their members' and employees' identities - including the transaction auditing and access control mechanisms surrounding them.

In his presentation, Martin covered the following topics:
  • Identity theft trends
  • Detecting identity-based fraud
  • Tips for consumers
  • Tips for credit unions

Fill in the form at Advioso to obtain a copy of the presentation, along with a few identity theft protection whitepapers from content sponsors TeleSign, Guardtime, and CSID.

Cryptography attack: side-channel cloud threat is all nerd and no knickers

Side-channel attacks are nothing new. Their arrival in the cloud, or rather the potential for a side-channel approach to touch the cloud threat surface, most certainly is though; but is it something you need to worry about?

Image source: Article
In order to answer that, you first have to get your head around what a side-channel attack actually is.

Is the cloud safe from side-channel attacks on crypto keys in a real world scenario or not? Good question. The researchers suggest that there is room for a potential breach within the imperfect isolation of VMs found in public clouds, and advise that 'highly sensitive workloads' should not be stored there.

Without spoiling the article, side channel attacks could threaten cloud security in a big way. It's best to be prepared. Read the article to start getting prepared.

Friday, November 9, 2012

The Day A Computer Virus Came Close To Plugging Gulf Oil

The Shamoon scenario could repeat again with financial companies.

Image source: Article
“If this would happen to the three biggest banks in the U.K., all of their systems went down, all of their servers went down, [it would] mean that people can’t see their bank account online anymore, so they don’t know whether or not they still have money anymore. All the ATMs have a blue screen,” says Schenk.

Is your CU safe from these types of attacks?

Read the article to find out if you are prepared.

'There's an App' for Legal Teams

The catchphrase for the mobile lawyer? "There's an app for that." That may be true, but finding it and making it work for you or your law firm is a journey where law firms should let technology drive the business model.

Image source: imsmartin
This article captures the most presented and discussed applications used by lawyers — specifically looking at them from the perspective of lawyer mobility.

While there are thousands of commercial apps available, the next big wave is in the form of custom apps.

Is your CU building its own apps? Are you building them for your lawyers? Read the article to learn more about a few mobile development platforms.

Security Debate: On-premise or in the cloud?

There are many things that are easier to do in the cloud, but is security one of them?

Image source: Article
Proponents argue that basing security tools in the cloud provide all the benefits of any cloud-based resource, including low cost of entry, simplicity of maintenance/upgrades, etc.

But critics say not so fast. Getting security is hard enough when you control all the resources. Moving them to the cloud just further complicates the job.

Read the article to get these experts' opinion in this Network World Tech Debate.

Guidance on Cloud Security

The banking and financial sector with its strict regulations and need for high security, had always been seen as the last sector, to adopt cloud computing.

Image source: Article
Prior to embarking into cloud computing, organisations must consider a number of threats.

A number of factors also need to be taken into consideration when choosing the proper software security for cloud computing.

This article captures both lists.

Thursday, November 8, 2012

End-users admit ignorance of corporate cloud policies

Already tested by the BYOD movement, security-conscious IT admins are increasingly forced to cope with employees exposing their organization to security risks and unforeseen expenses by signing on to unauthorized cloud services.

Image source: Article
This includes storing customer records on Dropbox, enlisting Amazon Web Services to test beta code, or creating and sharing sensitive documents via Google Docs.

A new study from Symantec titled "The Myth of Keeping Critical Business Information Out of Clouds" points to the chasm between users and IT admins over access to cloud applications.

Read the article to see the survey results.

Wednesday, November 7, 2012

Mobile is impacting cloud security issues

The burgeoning influx of employee-owned smartphones and tablets in the workplace has added to the complexity of securing cloud-based systems, according to a panel of experts who urged IT security teams to consider setting enforceable mobile policies alongside cloud policies.

Image source: chetansharma
The process for setting policies addressing both mobile and cloud is easier said than done.

Hybrid cloud policies developed in conjunction with mobile security policy should be as a collaborative effort involving all of an organization's data owners, administrators and others who know the business and can find a middle ground.

View what the panelists say in full detail in this article.

Thursday, November 1, 2012

Gartner: How big trends in security, mobile, big data and cloud computing will change IT

When you go to a Gartner conference one of he main things you'll notice is the sheer volume of data they can generate on just about any IT topic.

Image source: Gartner
The Gartner conference, attended by some 9,000 executives focused on the changes security challenges, mobile computing, big data and cloud will be bringing to IT in the near future.

Trying to get through it all can be daunting so we've tried to simplify that process by distilling a variety of Gartner ITxpo presentations and coming up with the most salient information.

What are you interested in? Mobile? Big Data? Cloud? All of the above? Read the article to learn more about each.

Tuesday, October 30, 2012

Lack of abuse detection allows cloud computing instances to be used like botnets

Some cloud providers don't detect attacks launched from their networks, researchers say.

Image source: YahooLabs
Some cloud providers fail to detect and block malicious traffic originating from their networks, which provides cybercriminals with an opportunity to launch attacks in a botnet-like fashion, according to a report from Australian security consultancy firm Stratsec.

Researchers from Stratsec, a subsidiary of British defense and aerospace giant BAE Systems, reached this conclusion after performing a series of experiments on the infrastructure of five "common," but unnamed, cloud providers.

What are your cloud instances up to? Read the article to learn more.

Wednesday, October 24, 2012

In security response, practice makes perfect

We've heard it many times in many forms -- expect to be breached, expect that you've been breached, expect that you are being breached.

Image source: imsmartin
The unfortunate reality is that most organizations don't even know that they've been compromised and therefore don't do anything to block spreading of the malware, control the damage, prevent loss of information, or even recover from the technical problems associated with the compromise.

Assuming the adversary makes it in, the question remains: How long after a breach occurs can the organization remediate and prevent further damage?

Which state is your CU in? Waiting to be breached? Already breached? Don't know? Regardless of the state, you should read the article to learn more about some best practices in response.

Wednesday, October 17, 2012

Managing Mobile Risk

What happens when data collaboration and delivery travels to the mobile devices we all carry? Most CIOs see the introduction of unnecessary risk, observed many experts.

Image source: Article
Controlling information is not a new concept

But today's unmanaged mobility — in the form of BYOD (bring your own device) to work programs — and equally unmanaged use of popular Web services such as Dropbox and Evernote — represent a seemingly unstoppable phenomenon.

This creates a set of issues that must be addressed before an information governance firestorm hits. Read the article to see where your CU sits in terms if mobile information governance.

Monday, October 15, 2012

Doing the Two-Step, Beyond the A.T.M.

BANK A.T.M.'s embody decades-old technology. A four-digit PIN?

Image source: judybaxter
What a seemingly crude security system. Where are the uppercase and lowercase letters and the random punctuation that we are continually told are crucial to hacker-resistant passwords?

In fact, though, the four-digit numbers required to use cash machines are one element of an extremely strong security model that most of today's Web sites fall well short of matching.

Is your CU planning to offer your Members the option of requiring two-step verification for added peace of mind? Read the article to learn more about two-factor authentication.

Friday, October 12, 2012

Technology report: Biometric banks and privacy

It may sound like something straight out of a James Bond movie, but believe it or not, Australia’s major banks are moving to embrace biometric security systems.

Image source: Cynic
There are two main reasons why the banks are moving in this direction; both of which revolve around customer experience. The first is to improve their customer's experience whilst utilising ATMs and Eftpos machines and terminals. The second is to remove the need for customers to carry around a wallet or purse full of plastic cards.

Banks aim to introduce biometric security systems to reduce the incidence of fraud. There’s also the fact that ATMs and Eftpos are time consuming, require customers to have a plastic card that stores account details and to remember a Personal Identification Number (PIN).

Is your CU and your members ready for biometric technology? Read the article to learn more about biometrics.

Wednesday, October 10, 2012

Trend Micro Identifies Malware Spreading via Skype

If you use Skype, you’ve likely been privy to an odd message coming from some of your contacts that says, “lol is this your new profile pic?”

Image source: Article
The explosion of this Trojan through various gaming communities was covered by SiliconANGLE earlier; but now Trend Micro’s malware labs have identified the malware as a variant of DORKBOT.

Users of Trend Micro’s product are already protected from this sort of intruder and the company has detected and blocked more than 6,800 associated files since Sunday.

Read up on the Skype-based attacks here to see why the payload is far more sinister than the silly name of this threat.

Friday, October 5, 2012

An eye for a buy: Banks look to retina and fingerprint technology

ANZ has floated the idea of retina-scanning automatic teller machines and is considering using electronic fingerprints as part of an effort to beat rival banks in the realm of technology.

Image source: Article
By the middle of next year, it would introduce 800 ATMs that allowed ''next generation'' deposit services, including coins, notes and cheques to be credited to customers' accounts immediately, the bank said yesterday.

It will plough about $1.5 billion into new technologies, including ATMs consumers could access through fingerprints or retina identification.

How much does your CU plan to invest in your ATM technologies? Read the article to learn more about how ANZ is using biometrics to deliver better security for their consumers transactions.

Wednesday, October 3, 2012

DDoS attacks on major US banks are no Stuxnet—here's why

The attacks that recently disrupted website operations at Bank of America and at least five other major US banks used compromised Web servers to flood their targets with above-average amounts of Internet traffic.

Image source: Article
The attacks used compromised Web servers to wield a bigger-than-average club.

The distributed denial-of-service (DDoS) attacks—which over the past two weeks also caused disruptions at JP Morgan Chase, Wells Fargo, US Bancorp, Citigroup, and PNC Bank—were waged by hundreds of compromised servers.

Your CU isn't on the list? So it must be safe then, right? Read the article to see why this may not be true.

MasterCard Plans Shift To EMV-enabled ATMs By 2016

After October 2016, banks can hold ATM operators liable for fraudulent withdrawals and cash advances from debit and credit cards.

Image source: Lexcel
The announcement gives banks, ATM operators, and equipment manufacturers more than four years to cycle EMV cards and equipment into circulation.

While not immune from fraud, EMV-enabled debit and credit cards require much more sophistication to clone, compared to the magnetic stripe cards popular among Americans today.

Is your CU planning to use EMV technology? Read the article to learn more about EMV-enabled ATMs.

Banks fail to repel cyber threat

A shadowy but well organized hacker group in the Middle East has disrupted the electronic banking operations of America's largest financial institutions in recent days, underscoring U.S. vulnerability to online terrorism.

Image source: Geograph
A group identifying itself as Izz ad-Din al-Qassam Cyber Fighters attacked the websites of Wells Fargo, U.S. Bancorp and Bank of America.

The strikes left customers temporarily unable to access their checking accounts, mortgages and other services.

Is your CU at risk of the same sort of attack? Read the article to see how this group operates.

Sunday, September 30, 2012

Adobe code signing infrastructure hacked by 'sophisticated threat actors'

Adobe has warned that an internal server with access to its digital certificate code signing infrastructure was hacked by "sophisticated threat actors" engaged in "highly targeted attacks."

Image source: Article
The compromise, which dates back to early July, led to the creation of at least two malicious files that were digitally signed using a valid Adobe certificate, according to Adobe security chief Brad Arkin.

Although only two files were signed, the hack effectively gave the attackers the ability to create malware masquerading as legitimate Adobe software and signals a raising of the stakes in the world of Advanced Persistent Threats (APTs). Guardtime keyless signatures were not in use, thereby allowing the tampering to go undetected.

Are your adobe products at risk? Read the article to learn more.

Saturday, September 29, 2012

Bank of America tests technology to pay with phones

Bank of America Corp is testing a technology that allows a customer to pay at a store register by simply scanning an image with a smartphone, such as Apple Inc's iPhone or Google Inc's Android devices.

Image source: VentureBeat
The pilot program is being tested in Charlotte, North Carolina, where the second-largest U.S. bank is headquartered, and marks the latest effort by a financial institution to come out on top in the race to determine how people will pay for things in the future.

In the trial, Bank of America has partnered with Paydiant, a startup that has developed a technology to allow such mobile payments. It doesn't require new phones or hardware for merchants.

Read the article to see how your members can scan QR codes with their phones to make payments.

Friday, September 28, 2012

Mobile tellers take banking by storm

Since taking the reins as chief information officer for Westpac, Clive Whincup has presided over the launch of the bank’s first iPad application; a trial to turn Android smartphones into contactless payment devices; the introduction of an iPad app to replace printed board papers; a 1000 iPad pilot for bank executives; and a St George innovation that allows payments to be made from a smartphone using only the recipient’s mobile number.

Image source: Article
It’s a fast-moving area: Whincup has been in the role for only nine months.

Payments analyst Edgar Dunn & Co predicts there could be 250 million mobile banking transactions each year in Australia by 2015.

Is your CU ready for the mobile teller phenomenom? Read the article to find out.

Thursday, September 27, 2012

eSignatures go Keyless in the Cloud

It has been 12 years since the United States passed a law to facilitate the use of electronic records and electronic signatures.

Image source: Article
Called the Electronic Signatures in Global and National Commerce Act (ESIGN), its general intent in black and white is quoted in the very first section of the legislation; that a contract or signature “may not be denied legal effect, validity, or enforceability solely because it is in electronic form.”

eSignatures save a lot of waste. No need to get into a car and drive paper documents to your attorney’s office for a real estate contract or to a bank to settle a mortgage application.

Does your CU use online digital signatures? Read the article to see how Avanza Bank asked Scrive to produce a bullet-proof e-signing service, whereby many stringent conditions would be met.

Wednesday, September 26, 2012

Why No NFC in the iPhone Hurts Banks More Than Apple

It took almost two decades for credit card payments (followed by debit cards) to become globally ubiquitous, so it might be reasonable to think that a paradigm shift at the POS will take years to become mainstream.

Image source: Article
Why would you spend money deploying expensive NFC-enabled (Near Field Communication) POS terminals unless consumers were going to use them, right? Is this why Apple chose to snub NFC technology in its latest iPhone?

In normal circumstances, if there were no competition, this would make good business sense.

Read the article to see how this could affect your CU.

Tuesday, September 25, 2012

Cybercrooks target credit union, bank employees

Local credit unions and small banks are being warned by the FBI that their employees may be the latest targets of cybercrooks.

Image source: Article
A new FBI fraud alert warns that these crooks are aggressively trying to steal login details of these employees with the goal of illegally wiring themselves hundreds of thousands of dollars.

Fraudsters obtain the logins through phishing and spam e-mails before installing keystroke loggers and remote access Trojans on their computer, gaining complete access to internal networks and logins to third party systems.

Read the article to see if your CU is at risk to these types of threats.

Monday, September 24, 2012

Firewall vs. IPS: Will next-generation firewalls nix stand-alone IPS?

Firewall vendors are in the business of providing network security, and as network security challenges evolve, so must firewalls.

Image source: imsmartin
As a part of this natural evolution, the firewall security engine has integrated intrusion prevention system (IPS) and other deep-packet inspection capabilities.

Many experts expect this general trend to continue as firewall vendors pack more security intelligence features into their devices, taking advantage of the strategic positioning that firewalls hold in customers' networks. The end result of this development could be a security gateway that is capable of monitoring the entire network.

What will your next perimeter protection invoice include? Read the article to see how IPS technologies stack up against traditional firewall technologies - in a single NextGen Firewall offering.

Friday, September 21, 2012

How Credit Unions Can Safely Embrace Bring-Your-Own-Device

Bring Your Own Device (BYOD) programs, which allow employees to use their own smartphones and tablets in the work environment, are significantly changing information technology.

Image source: imsmartin
Credit unions and other financial service firms are among the organizations embracing BYOD, as it allows senior executives and employees to use for work and pleasure the mobile devices, service providers and operating platforms of their choice.

IT research firm Gartner Inc. predicts that by 2013, 80% of businesses will support a workforce using tablets, and by 2014, 90% of organizations will support corporate applications on personal devices.

To learn more about BYOD considerations, prohibitions, and partnering, read the full article.

Thursday, September 20, 2012

Good Technology debuts new BYOD services for speedier migrations

Good Technology is rolling out two new services designed to deal with the prevalent BYOD (bring your own device) issue, but the motivation behind the solutions might be more telling.

Image source: Spark PR
Essentially, Good learned that customers such as Nationwide Insurance, UBS and Franklin Templeton wanted help accelerating their moves from BlackBerry to devices like iPhones, iPad and Android.

According to Good, many were originally planning for 3-year transitions, but later speeded that up to six months given the rocky future of Research In Motion.

What's your CU's mobile strategy? Are you migrating more quickly than originally planned? Read the article to see how Good could help with your migration.

Tuesday, September 18, 2012

Gartner: Cloud to grow 20% this year to $109B market

The cloud computing market will grow almost 20% this year to become a $109 billion industry, research firm Gartner predicts.

Image source: Frank IT Lab
Gartner predicts business process as a service (BPaaS) and software as a service (SaaS) will dominate the market, with infrastructure as a service (IaaS) quickly gaining momentum.

n 2011, the market stood at $91.4 billion and the research firm expects it to grow to $206.6 billion by 2016. Cloud is still only a very small part of the overall IT spending market though. In July, Gartner predicted total IT spending would be $3.6 trillion in 2012.

How much Cloud does your CU use?

Friday, September 14, 2012

The 10 best IT certifications: 2012

When it comes to IT skills and expertise, there are all kinds of “best certification” lists. Pundits are quick to add the safe bets: Cisco’s CCIE (Cisco Certified Internetwork Expert), Red Hat’s RHCE (Red Hat Certified Engineer), and other popular choices.

This isn’t that list.

Image source: IT Hire Wire
Based on years of experience meeting with clients and organizations too numerous to count, this list was built with the idea of cataloging the IT industry’s 10 most practical, in-demand certifications. That’s why I think these are the best; these are the skills clients repeatedly demonstrate they need most. In this list, I justify each selection and the order in which these accreditations are ranked.

MCITP: Enterprise Administrator on Windows Server 2008 tops the list.

Read the article to see the other 9 certifications listed.

Tuesday, September 4, 2012

For Banks, Digital Currency Poses Threat — and Opportunity

While the digital currency known as Bitcoin does have its obstacles, it can also mean business opportunities for financial institutions.

Image source: purkrabek.com
The Bitcoin, which is a highly encrypted digital file based on open-source code and is distributed through peer-to-peer networks, lacks centralized issuing authority; thus any savvy techie with the right hardware can "mine" this algorithm-based currency.

On the other hand, it could be a an alternative to currencies being printed at whim and guarded irresponsibly. The software was programmed to create a finite supply to preserve the currency's long-term value, and cryptography would eliminate the need for trusted third parties to store and transfer money.

In any case, as new innovations for managing Bitcoin transactions emerge, financial institutions could have a big role in the movement as well, including payment processing, providing escrow services, facilitating international cash transactions, helping customers exchange their money for Bitcoins, and even issuing Bitcoin loans.

Read up on the Bitcoin system here.

Friday, August 31, 2012

1 MILLION accounts leaked in megahack on banks, websites

A cache of over one MILLION user account records was leaked by hacker collective Team GhostShell in a huge data dump over the weekend.

Image source: Imperva
Targeting banks, consulting firms, government agencies, and manufacturing firms, the team extracted usernames, passwords, credit histories, and other files and documents from 100 different websites. Much of the data was pulled from the targets' databases and content management systems, some of which contained more than 30,000 records each.

Imperva analysis indicates that the breaches were executed mostly using the SQLmap tool, a common SQL injection method used by hackers.

The importance of staying on top of your CU's security system and closing up vulnerabilities can't be stressed enough. Get more info about the megahack here.

Wednesday, August 29, 2012

How National Australia Bank Uses Cloud Computing to Cut Costs and Shrink Its Carbon Footprint

How much money, energy, and time get drained by your CU's current systems and processes?

Image source: freeaussiestock.com / CC BY 3.0
More and more financial institutions around the globe are finding that revising their energy policies and shifting toward "green IT" practices are key in optimizing resource management.

Spanning everything from IT to travel fleet, the energy reduction program adopted by the $782 billion-asset bank and Open Data Center Alliance member National Australia Bank (NAB) exemplifies the significant cost-savings and environmental benefits made possible by data virtualization through scalability, increased efficiency, and resource conservation.

Time for a data center overhaul for your CU? Read the BTN interview with NAB's Dennis McGee to learn about this large and complex institution's approach to green IT.