MADISON, Wis. (12/26/07)--While an information technology (IT) survey conducted by Boston-based Aite Group earlier this year indicated that community banks are spending more money on technology to protect consumer data, credit unions also are beefing up their security spending. Nationwide, overall spending for IT hardware and software should grow by 5%, according to Forrester Research Inc. estimates. Those estimates were lowered from Forrester’s October projections that said spending would grow by 8% (Computerworld
Dec. 13). IT spending nationwide for computers, software and communications equipment is projected to top off at $377 billion this year, and is estimated to increase to $304 billion in 2008, according to the Cambridge, Mass.-based firm. Total IT spending--which includes expenditures for hardware, software, IT salaries and outsourcing--is estimated to be $775 billion this year, and will go up to a projected $815 billion next year, according to Computerworld
. “The security dilemma is a balancing act between security and user friendliness,” stated the 2007-2008 Credit Union Environmental Scan (E-Scan). “The more secure your systems, the less inviting they are to members. It’s possible to build a system so secure that no one would use it.” E-Scan made these security recommendations for credit unions:
* Stay informed about new security threats by reading industry publications and websites, attending conferences, and working with peers. Keep an eye on data security proposals in Congress. * Don’t assume the credit union is immune to attack. One security company saw 67% more attacks attempted against its credit union clients than against its banking clients between February 2005 and March 2006. * Focus on the big picture and weigh the need for security from electronic threats with other needs and the value of what you’re securing. * Use a layered approach to security to more effectively secure sensitive data. Make the credit union’s security as user-friendly as possible. * Offer security training for employees. This is critical--they need to know their specific responsibilities and duties regarding information security. * Don’t overlook physical security in the rush to block electronic attacks. The best firewall is useless against a thief masquerading as a vendor who walks out with a hard drive containing member data. Lock computers that aren’t in use, and keep systems behind locked doors.
Currently, the Credit Union National Association (CUNA) is conducting field research for CUNA’s 2008 Technology and Spending Survey Report, according to Steve Rodgers, editor-in-chief of CUNA’s E-Scan. The full report will be available in February, Rogers said.