Security Corner

Mar 13 2010   3:36PM GMT

Worth Repeating: Use a Dedicated PC for Online Banking



Posted by: Ken Harthun
Tags:
Cybercrime
Identity Theft
Online banking fraud
Secure Computing
security awareness

In light of my last my post, “120M Stolen By Hackers in Three Months“, I want to reiterate what I said in “ABA Recommends Using Dedicated PC for Online Banking.” This is the way I would do it:

…set up a PC with Microsoft’s Steady State, disable any Internet access except to the bank’s online application and uninstall Outlook Express. I would make a completely locked down and hardened installation of Windows with all services disabled except for essentials. Assign a static IP address to the machine. I would use a software firewall and disable all ports except 80 and 443. Of course, anti-malware software would be essential.

In March 2010 SANS Ouch! Vol. 7 No. 3, you’ll find this advice:

* Keep your dedicated computer out of reach, or even better, under lock and key
* Set a strong password for the Administrator account
* Create a second account that has limited privileges and always use this account for your online banking
* Contact your computer support provider for information about how to add, remove and change user accounts
* Turn your dedicated computer off when not in use to help prevent network-based intrusions
* Keep the operating system secure by applying patches and updates promptly
* Don’t scrimp on security software; install a good-quality security suite and keep it updated
* Never use a wireless connection for online banking
* Use a strong password for your online banking account, and do not use that password anywhere else (Strong password tips:
http://www.sans.org/newsletters/ouch/issue/20100219.php)

Either way, the key is to use a secure, dedicated system. And if you spot any unauthorized activity, or suspect your information has been compromised in any way, the Federal Trade Commission recommends you take the following actions:

* Notify your bank and credit card companies immediately
* Close all affected accounts
* Notify the major credit reporting agencies
* File a report with the Federal Trade Commission
* File a report with the police

Find more advice in the ABA Education Foundation article,  “Protect Your Financial Identity“.

Just do it!

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: