Using IaaS to Grow Your Business

Infrastructure as a Service (IaaS) is an instant cloud computing infrastructure provisioned over the internet. In an IaaS model, a cloud provider hosts the infrastructure components that’s normally present in an on-site data center, including servers, storage and networking hardware. 

IaaS provides a range of services to accompany infrastructure components, such as billing, monitoring, security, backup and recovery. These services are policy-driven, allowing users to automate and orchestrate important tasks. In general, credit unions benefit from IaaS because they don’t have to maintain the hardware, networking or maintenance involved with physical assets like servers and data centers.

For many credit unions, especially small and medium-sized institutions, IaaS is an affordable, high-performing tool that keeps costs low. Managing IT resources on-premise can be cost-prohibitive, so IaaS makes you more competitive with larger companies.

Here’s what IaaS can do:

  • Enhance business continuity by maintaining access to your applications and data during a disaster or outage. Organizations are better equipped to handle unpredictable and growing storage needs, especially for the management of backup and recovery systems.
  • Accommodate specifications on-demand. Teams can quickly set up and dismantle test and development environments, expediting the process to bring new applications to market. Essentially, it’s easier to scale up development-test environments with IaaS. 
  • Increase stability, reliability and support on an ongoing basis without having to upgrade software or troubleshoot equipment.
  • Support new Software as a Service (SaaS) applications for call centers, customer portals and e-commerce solutions – anything that makes it easier and more efficient to do business. 

Advantages

Powered by VMware vCloud technology and accessed through vCloud Director, the IMS cloud is designed to support development, testing, disaster recovery and production.

We offer a self-service, enterprise-grade cloud IaaS solution for your specific needs. Our latest offering reduces capital expenses by eliminating upfront costs that comes with setup and ongoing maintenance. The IMS pay-as-you-go model allows you to pay for only the components you need. 

We invite you to make the most of your virtual data center and optimize cloud costs. Contact us when you’re ready to free up your team to focus on growing your credit union.


Protect Data When Working from Home

With so many people working from home during this time, virtual desktops have become the norm for credit unions today. Remote connections provide workers with the ability to access data at home, on the road or a remote office. However, the increase in remote work has also led to an increase in cyberattacks. As end-user applications are evolving, so are the techniques bad actors are using to attack your data system. 

Credit unions should ensure they have the proper security protocols in place to stay safe. There are multiple vulnerabilities where remote desktops are exposed to malware attacks, including email and user-installed applications. Attackers like to gain control over a personal and work laptop and impersonate the user.

Additionally, there may be logistical challenges with assessing hardware needs, privacy and managing multiple devices. But, adopting the right security practices will protect data across all endpoints. Taking a comprehensive approach to security will allow you to easily manage the status of these areas.

Since employees are connecting to your system through a corporate virtual desktop infrastructure (VDI), it’s important to have security solutions in place to work across different platforms. Everything from transferring data to personal devices to using unsecured networks are common mistakes employees make when working from home. Here are a few things to keep an eye on with your team:

  • Using an insecure network. It’s possible employees are using home networks that are less secure compared to being at the office with WiFi acting as the biggest offender. That’s why your credit union should use a secure, virtual desktop environment to access sensitive information and apps. 
  • Transferring data to personal devices. Your credit union may have issued workers with a company laptop but your team may also be using a personal computer to work. It’s not uncommon for employees to move documents from work computers to a home computer, smart device or personal cloud service for ease of use. Unfortunately, the security mechanisms in place are far less secure than a business laptop or a VDI. 
  • Sharing access credentials. Bottlenecks often occur when one employee has to wait for another colleague to complete a task. To expedite the process they might share their login credentials to an application or database so their colleague can access what’s needed and reduce that bottleneck. Not only is this an unapproved action it becomes problematic when done over an insecure network. 
  • Inadvertently sharing private information with friends. While teams have transitioned to hosting meetings via video chat and using social media as an outline to stay connected, workers may be leaking sensitive information without knowing it. This may be leaving a comment on Facebook about what it’s like working from home, taking a photo or video of your home office or displaying a computer setup. These are all risk factors to causing data leaks.

To avoid these pitfalls, your IT team should implement additional security controls and set up guidelines on what to install, download or share to avoid security breaches when working from home. They should also retrain staff on the most appropriate ways to handle sensitive information. Performing continuous security testing will reduce the possibility of malicious attacks on your system.

Financial institutions are always a target for cyber attacks, so it’s critical you identify any vulnerabilities. The most effective thing to do is enable our private cloud to deliver easily managed services. IMS provides a complete virtual workspace that allows your credit union to rapidly transform desktops and applications to users on any device, anywhere in a secure way.


Preparing for Hurricane Season

 

The official start of the 2020 Atlantic hurricane season starts on June 1 and runs until November 30, but there’s already a tropical storm developing off the coast of Florida. That means it’s time to take another look at your disaster recovery and backup systems to make sure you’re prepared for any storms.

According to the National Oceanic and Atmospheric Administration (NOAA) National Centers for Environmental Information, the U.S. South, Central and Southeast regions experience a higher frequency of billion-dollar disaster events than any other region in the country. Severe storms like hurricanes and tornadoes lead to extensive power and telecommunications outages, mail service disruption, facility damage and transportation restrictions that impact how people access their money. Credit unions are no exception and may have to shut down or move operations for safety. In these moments it’s crucial your members can rely on you to continue serving the community.

Our client Louisiana Federal Credit Union has experienced many storms over the years, including Hurricanes Katrina, Rita, Gustav and Isaac. During the aftermath of every storm, their community has relied heavily on Louisiana FCU to provide full financial services. Knowing they are located in a hot zone for natural disasters, the credit union decided to move their core system to a safer region in the Northwest. By upgrading their core system, they now have peace of mind during hurricane season knowing that their services will be available to its members in their time of need.

business people planning at meetingMajor storms can disrupt a financial institution’s operations, sometimes lasting a significant period of time. While some interruptions can be anticipated, others cannot. That’s why it’s critical to have a business continuity plan in place. This is how the DuGood Federal Credit Union was able to effectively begin its backup plan when their data center was in the direct path of a large-scale hurricane.

The credit union knew they needed to act fast for the safety of the business and their staff. Members would be evacuating soon and it was important they could access their funds. After contacting our team, we worked together in coordinating a graceful shutdown of their systems and implemented a remote backup solution. It took less than three hours to back up systems, recover servers and bring up third-party vendor services like the ATM and internet banking. Ultimately, we were able to help with other technical operations as the team evacuated to another office.

With a continuity plan in place, your credit union will be able to jump into action if there’s any disruptive event. Test your disaster recovery service and reassess how well your institution is prepared for threats across all levels. When working with our team, you can count on no-cost annual testing to verify the integrity of your data.

We cannot predict the severity of all disasters, especially when it comes to natural disasters, but there is practice and preparation. Know where to go, identify what critical functions are needed and develop planned responses. 

Don’t wait until a storm is on the horizon to start making plans for your credit union. Contact our team to talk about the disaster recovery solution your credit union has in place. When disaster strikes, you’ll want to focus more on your members, staff and service than on complex logistics.


Leveraging the ACET to Advance Cybersecurity

 

People choose credit unions because of their customer service, accessibility and focus on its members. Credit unions instill a sense of trust and loyalty by creating customer-friendly relationships and ensuring members their money is safe. To nurture that trust, it’s essential for you to do everything possible to keep information safe. 

Examining protections and operations

Credits unions are still financial institutions that must have the same protections as any bank. In setting standards and controls to install safeguards against bad actors, more credit unions are embracing the Automated Cybersecurity Examination Tool (ACET), provided by the National Credit Union Administration. The ACET assesses how each institution prevents and prepares for cyberattacks and threats through a standardized examination of nearly 500 questions and 200 documents required for submission. 

Based on the Federal Financial Institutions Examination Council’s (FFIEC) Cybersecurity Assessment Tool, the ACET improves and standardizes how the NCUA supervises cybersecurity for all federally-insured credit unions on a rolling basis. It basically helps determine a credit union’s exposure to risk by identifying the type and complexity of operations, as well as the level of risk and corresponding controls. The ranking ranges from baseline to innovative.

Last year, NCUA used the ACET to assess credit unions with more than $250 million in assets and will continue to deploy an updated version this year for credit unions with assets over $100 million. Ultimately, the exam will be scaled to the size and risk profile of the financial institution. Starting in 2022, maturity assessments will be done once every four years.

Improving the maturity of your cybersecurity

A lot of attention has been focused on how to prepare for the assessment, but your team should also be focusing on ways to improve cybersecurity maturity. The ACET uses the same maturity levels as the CAT: Baseline, Evolving, Intermediate, Advanced and Innovative.

Business people analyzing financial dataThe question becomes, what technologies are you implementing to move beyond the baseline and into an advanced and innovative tier. What technologies are being used to reduce risks and attacks while also increasing ease of oversight and collaboration. Additionally, what practices and processes are in place to protect data, infrastructure and information? 

Resilience entails everything from planning and having continuous, automated backup protection to mitigation and recovery during a cyber incident. 

What steps are you taking to ensure your systems and data centers are hosted offsite and within cloud environments? What type of ransomware recovery is in place? Is your IT team spending more time managing complex legacy systems?

The ACET is an opportunity to do more than answer questions but also take steps to evolve your backup and recovery process. Ultimately, an investment in the right system will go a long way in building trust and strengthening relationships with members.

We understand that cybersecurity compliance can be costly, which is why specialize in providing the best and most cost-effective services for credit unions. Let’s find the right solutions for your credit union.


3 Cybersecurity Tips During COVID-19

A crisis is not the time to discover that your backup and recovery solutions do not work.

The current climate of COVID-19 leaves many credit unions vulnerable to fraudsters stealing personal information, money, transaction records and other valuable data. Recently, the FBI reported that there is an increase in business email compromise (BEC) scams that targets anyone who performs legitimate fund transfers. BEC frauds are targeting municipalities that are purchasing supplies and personal protective equipment needed during the pandemic.

Hackers and bad actors are preying on consumers as online buying and digital payments increases during this time of social distancing. Additionally, staff shortages, teleworking and unavailable workers makes it harder to sustain business operations. Any loss or data theft can jeopardize the reputation of your financial institution, damage relationships with members and put your business at risk. Credit unions must be prepared for any illicit financial activity that occurs, similar to other disaster recovery protocols.

To protect your business before disaster strikes, ensure there is a reliable recovery process in place. Here’s where to start:

  • Identify gaps in security. Test data before disaster strikes to provide recovery assurance and identify where there are areas of vulnerability. Tape backups are fragile and subject to damage, theft and destruction. Plus, they involve multi-step procedures that are susceptible to human errors. With more employees working remotely due to social distancing, can you rely on a system that requires scheduling jobs and transporting tapes between multiple locations? 
  • Businessman working from home on computerProvide secure remote and branch office solutions. Having multiple remote office and branch office (ROBO) sites pose challenges when it comes to data protection. There are employees that are reliant upon remote access to do their jobs and need their own data backup. There may also be an increase in the number of cyber attacks on computers, equipment and unprotected networks as employees work from home. Ensuring resources are available and secure through virtual desktops is also key to having a productive workforce without sacrificing security and control.
  • Maintain continuous protection. Using multiple hardware and software components for backup solutions can bog down efficiency. Tapes fail and it’s an inconvenience to drive to the credit union to replace them. Simplify backup and recovery with hybrid cloud environments that lets you manage all your data through one responsive interface. Not only can you recover files in the cloud with a few clicks, you can also manage the frequency and duration of backups. Your credit union will spend less time manually configuring jobs with an automated system.

Now that credit unions are transitioning to conducting more business through virtual means, it’s important you’re using the best systems for backup and disaster recovery. Fraudsters will make every attempt to steal valuable information so your data must be secure, accessible and backed up regularly.

One of the best decisions you can make is to work with Integrated Management Solutions who understands the value of your data. Let’s talk about the right solutions for your credit union.


Finding Your Quality Backup and Disaster Recovery Solution

As the cloud computing network grows in financial institutions, so do the methods cybercriminals use to breach important, sensitive information. It’s not fun to think about threats, but what’s less fun is thinking about how you’ll snap back after one. 

The financial services sector is the most frequent target of cyberattacks, and scammers and fraudsters are always becoming more diligent and creative. Data breaches have become more insidious and calculated, and in the dire case that you do need help, you need a backup solution that won’t seriously disrupt the day-to-day of your business. 

Physical data storage is a burden to credit unions that need to focus on member value, but cloud backup storage and off-site replication can help. Your credit union is unique, and so is your backup solution.

Not all backup solutions are alike.

Cloud systems are more secure than traditional IT, and when monitored, audited, and updated correctly, you can shift your focus to member-related solutions. Our technology and team empower yours, so you can take advantage of the cloud and provide value to your members. 

For example, credit unions are taking notice of ever-changing member demographics and the ways that younger generations can be reached from your credit union. When your staff is freed up to focus on solutions that provide value to members, you can watch your member demographic grow in new, exciting ways.

Rubrik powers our backup solution, a system that stores only the information you need, which ensures you won’t be paying for unnecessary storage. In physical and virtual environments, Rubrik provides on-premise backup and off-site replication to the secure cloud. 

In the case that you do need disaster recovery assistance, the IMS Support team can assist 24 hours a day, 365 days a year. Get in touch if you’d like to learn more about how you can benefit from a custom data solution. 


Developing Your Adaptive Solution with IaaS

In an ever globally-connecting world and one that is always “on,” you’ll need the right approach to innovation in order to stay afloat. The behaviors, expectations, and needs of customers are changing, and credit unions must adapt if they want to remain competitive.

A Deloitte report on the global banking outlook for 2020 refers to credit unions as the “trusted custodians of customers’ assets,” which extends far beyond just finances. Your members trust you to protect their sensitive information. As a financial institution within a rapidly-developing and globally connected network, you need to ensure that data will stay safe.

But in order to manage all the moving parts related to software, equipment, data security, server hosting, and more, it can be easy for the focus to shift away from members.

Infrastructure as a Service (IaaS) eliminates the need to set up and manage a data center with flexible management and pricing. With these benefits, you can sleep easy knowing that you’ve covered the areas you need to be protected. 

Innovation is not about solving problems on the fly.

A system that anticipates your needs and provides security can put your credit union in a position to acclimate to developing trends and issues that crop up within the “open banking revolution.”

With Infrastructure as a Service (IaaS), you’ll eliminate the need for setting up and managing a data center. Our model means that you only pay for as much as you need, so you’ll be able to harness the services that you absolutely need. 

The IaaS model provides: 

  • Custom, on-demand IT infrastructure 
  • Software upgrades and equipment troubleshooting
  • Self-service, enterprise-grade 
  • Data and application security

This way, you won’t be “over or under-provisioning,” and you’ll be able to optimize your own use of the cloud. With IMS you can pass over the development, disaster recovery, and production, and stay on top of the technology while keeping the primary focus on your members. Let’s talk about your needs. 


Making the Most of the Cloud as a Credit Union

 

In 2020, if you haven’t switched to the cloud, there’s no way around it. You’ll likely be doing it soon! If you’re wary of the cloud, take a closer look at the major benefits of a cloud computing solution. 

Understanding the moving parts of your holistic solution

Infrastructure as a Service (IaaS) incorporates the hosting services, backup, disaster recovery, and data security that work in a holistic way to protect your data and provide insurance in any instances of disaster.

The number one benefit of a cloud computing solution is the ability to save on hardware costs. In addition, your costs will be predictable because you’ll only be paying for what you need on a monthly basis. By eliminating the upfront data storage, you’ll save a great deal of money by only paying for the components that you need in order to optimize your cloud costs. Our enterprise-grade cloud infrastructure houses your data, but it’s yours to structure.

Essentially, backup to disaster recovery centers means you’re doubled up with a superior backup solution. In the dire case that you need disaster recovery, the cloud will not only help you to function more fluidly on a daily basis but also have the ability to snap back during times of disaster. This means less time spent managing solutions and less time spent sending valuable team members over to figure out those solutions. A responsive system that jumps in when you need it most.

Relying on an experienced team to assist minimizes downtime. You not only need the hardware infrastructure to perform disaster recovery smoothly and efficiently, but you also need the technical expertise to perform that recovery with minimal downtime. Our IaaS offerings provide a robust setup that will function on-demand to adjust to any specific requests, 24/7.

When credit union data storage solutions aren’t agile, they aren’t leveling up with the competition. 

As a result, it may become more difficult to reach younger demographics who don’t want interruptions in their experience with your credit union when you’re fielding issues and expending resources with expensive on-site storage.

If you’re looking for flexibility and need a custom solution for the cloud, we’re available to deliver and design those solutions to a wide swath of credit unions. Let’s talk about the solutions that will work best for you and your credit union.


Mastering the Challenge of Disaster Recovery

 

Credit unions are no stranger to the physics of Murphy’s law. If something can go wrong, it will. In an age where cybercrime is hotly discussed and natural disasters crop up when they are least expected, it’s crucial to understand the potential risks of losing data as a credit union.

Risks can be natural or manmade, across a wide spectrum—from wildfires to hackers, a comprehensive disaster recovery solution should cover a range of potential disasters. However, that solution does not need to be extremely specific. The most common errors include natural disasters, cybercrime, and human error. The specific risk you’ll need to prevent is never certain—that’s why disaster recovery functions as such an important form of insurance. 

A disaster recovery solution shouldn’t be bulky and expensive. 

The most common solution(s) for disaster recovery purposes are typically physical locations. However, physical data storage drives up costs in the form of equipment,  connections, and employees that are in charge of managing those hefty physical elements. In addition, when a physical approach is taken, multiple physical locations are used, further driving up costs.

Your customers expect excellence when they access your services through digital channels and share their valuable information with you. Those requirements translate to the safety of their data. You don’t want to lose customers since you failed to implement a solution that protected their information.

These expectations stem from our everyday conveniences—how did you feel the last time your internet went down? Customers expect the same fluidity. When you develop a disaster recovery solution, the effectiveness of the solution should mean that customers don’t experience hiccups in their digital experience. 

While you can’t prepare for a specific disaster, you can prepare for the worst.

The disaster recovery challenge is characterized by the way one responds to the breach. If a breach or disaster does occur, learn how to respond and recover from cybersecurity incidents

If you haven’t made disaster recovery a priority for your credit union this year, you may want to consider its role in your business: financial institutions are often the target of cybercrime and natural disasters are never predictable. Plus, there are many advantages to prioritizing disaster recovery.

With disaster recovery come the following benefits:

  • Minimized downtime and rapid business restoration
  • Near-zero data loss with on-site backups and real-time replication
  • Our secure branch communications allow immediate connections

Disaster recovery shouldn’t be a difficult term to hear, because it is more about planning than it is about the actual scenario. When the need for your disaster recovery solution to kick into place arises, you can rest easy knowing that you’ve implemented the best possible planning beforehand.

Essentially, disaster recovery plans are a form of insurance. We help to ensure that the challenges you face can be remedied smoothly and efficiently—the IMS Crash Response team is ready 24/7 to respond to any disasters. Find out more about how you can optimize your disaster recovery response.


Rising Trends in Email Scams and Phishing

From large to small, the financial services sector is often the target of email phishing schemes and other malicious attacks, and credit unions are no exception. The FBI reports that Business Email Compromise or Email Account Compromise (BEC/EAC) has seen a surge in those types of attacks, now a “$26 billion scam.” These exorbitant losses have prompted the FBI and law enforcement to become highly versed in the nature of these scams and how they are perpetuated. Still, fraudsters are always using more cunning methods to successfully access sensitive information.

Business Email Compromise is on the rise

Account takeovers are a part of this influx in Business Email Compromise, though some also speculate that these account takeovers include data gathering, which is then used to create ACH files. The Association for Financial Professionals (AFP) survey reports that ACH credit scams using BEC rose from 12 percent in 2017 to 33 percent in 2018. 

BEC is a robust effort on the part of fraudsters, who target those in companies with financial credentials access through a variety of measures. This may include social engineering, or grooming, combined with network intrusions. It’s a patient effort and one that continues to rapidly develop as these efforts continually seek to evade law enforcement. These fraudsters can cultivate the appearance of a relied vendor or another business, and exploit those with access to financials to provide sensitive information.

Fraudsters do their homework

It would seem that most phishing scams are obvious and avoidable, but the ingenuity of hackers and the development of new technologies and tactics indicate that companies need to stay on their toes through protection and cybersecurity education. Those seeking to infiltrate accounts and information will take the time to even look at social media accounts and other marketing to understand the culture of a company.

Email fraudsters have become savvier at making payroll fraud schemes appear to be official direct deposit submission forms, and might include an email with details requesting changes to direct deposit information. When that information is provided, the information points to another account, often a prepaid card. For example, one type of email scam includes a link to a spoof login page. When employees input their credentials to this page, the fraudster can use this information to access other employees’ personal information. 

In other cases, the fraudster might not request a transfer of funds. Rather, they are looking to obtain W-2 forms and Personally Identifiable Information.

Even while fraudsters are developing new methods of getting in, they’re also developing new methods of getting away. Domestic wire transfers have become more common than international ones, as law enforcement is now savvier at detecting those transactions when they are international since there is a slight delay in processing. During that lag in time, law enforcement is able to step in and stop the transfer. 

In 2018, Operation WireWire, involving the efforts of the Department of the Treasury, U.S. Postal Inspection Service, and the Department of Homeland Security, a six-month mission which resulted in dozens of arrests across the globe, and helped to recover $14 million worth in fraudulent wire transfers. 

Steps for prevention

The efforts of fraudsters have a significant impact on the global economy. Learning how to stop these malicious attacks on your business not only helps to ensure your members’ well-being but contributes to a greater purpose.

Educate your employees: 

Give employees clear, actionable instructions for looking out for the following:

  • Mismatched emails or URLs that don’t represent the business or person it claims to be sent from;
  • Any misspellings or unfamiliar URLs should be an immediate red flag;
  • Get versed in the most common leading BEC email keywords used in 2018;

Steps you can take:

  • Enable two-factor authentication or use another channel to verify requests for account changes.
  • Monitor finances and note any irregularities, especially missing deposits. 
  • Update all systems and keep software patches on

Being the victim of BEC can be an enormous financial loss and blow to a company.

In our compatibility with various types of credit union software, we provide an advantage to a wider berth of credit unions. We help you to provide a sense of security to your customers. 

If you’d like to learn how you can stay protected against financial cybercrime, get in touch.

Read more about why credit unions are a common target of email scams.