Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
CUs security approach is holistic layered
SANTA ROSA, Calif. (3/16/12)--The mass migration toward using mobile devices such as tablets and smartphones to access corporate data, social networking and cloud computing is setting off alarms for security and risk management, and information technology (IT) executives concerned about security. One credit union is among the early adopters of a holistic approach to keeping data secure.

As smartphones and tablets become the new security "battleground," Redwood CU, a nearly $2 billion asset credit union based in Santa Rosa, Calif., is addressing the situation by incorporating end-to-end, or layered, defense so that all key elements of its IT infrastructure are protected against a variety of threats, reports Baseline, a publication for the IT industry (March 13).

For this credit union,  a multilayered defense works. "We have been fortunate to not have had any loss or issues as a result of an attack," Tony  Hildesheim,  senior vice president of IT at Redwood, told Baseline.

Redwood's first layer consists of dual firewalls with multiple DMZs or perimeter networks that segment traffic, coupled with virtual LANs on switches and a segmented internet provider (IP) network, said the publication.

Its second layer includes a set of intrusion detection systems (IDS)and intrusion prevention systems (IPS) that watch all inbound, outbound and cross-network traffic, said Baseline.  Redwood also employs an e-mail scanning and spam filtering tool to further reduce threats, as well as a virus protection on all its PCs and servers.

Redwood has aggressive policies on the network, with network restrictions to almost all files and directories on an "as needed" basis.  For even more protection, it has a set of controls that includes network monitoring as well as regular checks and audits.

There's more: Its security framework includes central software management; patch management; encrypted hard drives; Internet access monitoring and limitations; and segmented, monitored and controlled network storage.

As a result it has stopped attacks such as Trojans and viruses, usually at the IDS/IPS device, before they attack a PC or other device, said Hildesheim.  The credit union tries not to draw attention and, determined not to be an easy target, it aggressively deals with phishing and other attacks.

Redwood also provides security training for employees.  It practices standard password rotation or employees, tests for social engineering, and performs penetration and controls testing. Redwood also educates members with awareness campaigns to help them protect their privacy.

Hildesheim noted the credit union sees about 40 attacks each month but all are averted, largely due to e-mail scanning tools and the local scanning and IDS/IPS that augment the firewall. It also experiences roughly 100 "suspicious hits" and about 20 "validated" hits a month, all averted by firewalls, patching and security procedures.  

Redwood has suffered no financial or member losses because of an intrusion or attack on its systems, said Wade Painter, the credit union's chief financial officer.
Other Resources

RSS print
News Now LiveWire
#FinancialLiteracyMonth Test your college financial aid knowledge @nasfaa http://t.co/xgrDmHaw8W
4 hours ago
Join @theNCUA #NCUAchat with @KenWortheyJr on April 23 from 11am to 12pm EST http://t.co/TnNmfFh4Nl #FinancialLiteracyMonth
5 hours ago
Maine's patent troll bill has become law. Read more in Monday in @NewsNowLiveWire
8 hours ago
Wash. DFI discusses serving legal marijuana businesses with @NWCUA http://t.co/3kw79HJUYF
8 hours ago
Both @CUNA @NAFCU urge extension of #RBC extension period http://t.co/FWMcvlwHPM
9 hours ago