What's On The Horizon

Along with Kees Leune, the ISO at Adelphi University, I will be presenting, "When To Declare An Information Security Incident and How To Respond Once You Do" at the EDUCAUSE Security Professionals Conference April 15-17 in St. Louis. Details can be found here:
http://www.educause.edu/events/security-professionals-conference

My most recent contributions to the information security community are presentations on the philosophy of security and on information security incident response at the Idaho Fraud & High Tech Investigation Conference, November 2012.

Tuesday, April 6, 2010

Saf(er) On-Line Banking

I think it was in November that the American Bankers Association recommended that home users dedicate a PC for on-line banking--just in case their "surfing" PC gets whacked. It is a good idea.

Then in January SANS reported the following:

"The American Bankers' Association (ABA) issued guidance to small and mid-sized businesses regarding how to protect themselves from the growing problem of unauthorized Automated Clearing House (ACH) transactions. Of special note is the recommendation that businesses use a dedicated PC that is never used for email or web browsing to conduct online banking transactions."
http://www.sans.org/newsletters/newsbites/newsbites.php?vol=12&issue=1#sID200

Today, the following arrived in one of my emails from a reliable source:

"Many of the consumer protection laws that safeguard individuals and limit their liabilities in the event of loss, theft and fraud simply don't apply to businesses and their bank accounts. In many cases, the only protection that a business has is defined by the bank's terms and conditions of use. That means your business may be held responsible for any losses incurred prior to reporting suspicious activity to the bank."

Two takeaways here: both home users and small businesses should dedicate a PC for on-line banking, and small business owners face greater risk if something gets compromised. There are alternatives to a dedicated PC for online banking. One low-cost alternative is a bootable CD. I've been using Ubuntu at home. Download it, burn the CD, boot from it, do your banking stuff and nothing gets written to disk. Here is the URL:
http://www.ubuntu.com/GetUbuntu/download
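
A live CD is only as trustworthy as the image it was burned from, so the download is worth checking before it goes on a disc. The script below is an added example, not part of the original post: it compares an ISO against a SHA256SUMS-style checksum list, and the function names and file names in it are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check a downloaded ISO against a SHA256SUMS-style list
# before burning it. Function and file names are illustrative assumptions.
# The list itself should be fetched over HTTPS and, ideally, checked against
# its detached signature (Ubuntu publishes SHA256SUMS.gpg beside it).

# Print the SHA-256 hex digest of a file with whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_iso ISO SUMSFILE
# Returns 0 on match, 1 on mismatch, 2 if a file is missing or the ISO
# is not listed. Assumes the ISO file name contains no spaces.
verify_iso() {
    iso=$1
    sums=$2
    [ -f "$iso" ] && [ -f "$sums" ] || { echo "missing file" >&2; return 2; }
    name=$(basename "$iso")
    # Entries look like "<digest> *<name>" (binary mode) or "<digest>  <name>".
    expected=$(awk -v n="$name" \
        '{ f = $2; sub(/^\*/, "", f); if (f == n) { print $1; exit } }' \
        "$sums" | tr 'A-F' 'a-f')
    [ -n "$expected" ] || { echo "$name not listed in $sums" >&2; return 2; }
    actual=$(sha256_of "$iso")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $name matches the published digest"
        return 0
    fi
    echo "MISMATCH: $name" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
}

# Usage: sh verify_iso.sh <image.iso> <SHA256SUMS>
if [ "$#" -eq 2 ]; then
    verify_iso "$1" "$2"
fi
```

Any result other than OK means the image should be discarded and downloaded again, not burned.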

It all comes down to your appetite for risk and level of paranoia; I have a low appetite for monetary risk and a high level of paranoia.
