Safety first: best practices

Silver haired woman relaxing with her laptop
OCCU  -  06.10.2016

In a perfect world, we wouldn’t need to worry about identity theft. Unfortunately, personal security cannot be left to chance. Playing an active role in protecting your sensitive information is vital to keeping your identity safe. Fortunately, the Oregon Community Credit Union (OCCU) security team has some best practices for doing just that.

Paper trails

As much as I try to stay on top of it, there is always a stack of mail on my desk. To a thief that stack of mail is a goldmine of personal information because it is likely to contain your name, address, and potentially your birthdate and account numbers. To keep that information out of the hands of would-be thieves it’s best to shred paper documents, such as bills, banks statements, or any documents that contain personal information once you have paid the bill or checked the account balance.       

For paper that you need to file for tax purposes or other archives, purchase an Underwriter’s Laboratory (“UL”) listed fire resistant safe or rent a safe deposit box at your financial institution, like OCCU. Keep any papers containing account numbers or Social Security Numbers locked away.

Virtual trails

These days, more and more personal information is transferred online. In the digital world passwords are your first line of defense. Strong passwords are comprised of at least eight characters, including a combination of letters, numbers and special characters. One way to create strong passwords is by thinking of passphrases that use letters and numbers. For instance, the phrase ‘my sister’s birthday is March 17, 1979’, could become the password MsbiM1779.          

Always protect your password(s) by keeping them somewhere safe. Avoid keeping usernames, passwords, or PINS on a notepad next to your computer or using the automatic login feature. If you want to keep a paper copy of passwords, keep them in a fireproof safe. If you want to store them on your computer, make sure to encrypt and password protect the file where the information is saved.            

For extra protection, you should change your passwords regularly. OCCU recommends changing your passwords at least every 90 days and using different passwords for different accounts. For instance, use a different password for social networking sites than you do for Internet Banking.

Safety in the Cloud

As information flies around across networks and within “the cloud”, it’s best to make sure your airspace has some protection. Change the password on your routers from the manufacturer’s default to something only your household knows.  Keep routers and computers up-to-date with firmware and software updates! OCCU does not recommend accessing your online financial accounts on public computers. When you need to step away from a computer, public or private, be sure to lock the computer and verify you’ve set up a lock screen password.  

Be sure to install, update and run reliable commercial anti-virus and anti-spyware software, as well as install an actively managed firewall on your computer and network.  These programs will look for known virus signatures that can drop malware, key loggers, and worms onto a computer or network. If the program files are not kept current then a new signature might be missed. Even though there are fewer virus attacks on Apple devices, they are still vulnerable. There are multiple antivirus programs from companies, such as Kaspersky, that are designed specifically for Apple devices. Lastly, make sure to completely close and exit all web browsers before and after accessing any account online.

Use Common Sense        

The best strategy of all for staying secure is to use common sense. Always verify with the sender before clicking on a link in an email or downloading an attachment; remember that the sender’s email may have been compromised without them knowing. When browsing the web, be sure to look for the lock icon in the URL bar to verify the website is secure. Hackers often try to replicate an organization’s branding in order to trick you into giving your personal information, so it’s important to take an extra look, and when in doubt call the sending company to verify it’s a real email. Remember OCCU will never ask for your personal information via emails, texts, or unsolicited phone calls.

If you ever accidentally share your OCCU account information where you shouldn’t have, contact us ASAP. The OCCU security team is here to help, and the sooner you contact us, the more likely our security team will be able to help.