Security Information

How Drummond Community Bank Protects You

Online banking is offered through a secured website connection.  Each connection is authenticated using an online ID, a security question, complex password, and a passmark image.  If at any time you notice suspicious account activity or experience information security-related events please contact us as soon as possible.

How to Further Protect Yourself

User ID and Password Guidelines

• Create a “strong” password with at least 8 characters that includes a combination of mixed case letters, numbers, and special characters.

• Change your password frequently.

• Never share username and password information with third-party providers (Drummond Community Bank will never ask for your password).

• Avoid using an automatic login feature that saves usernames and passwords.

General Guidelines

• Do not use public or other unsecured computers for logging into Online Banking.

• Check your last login date/time every time you login.

• Review account balances and transaction details regularly to confirm payment and other transaction data and immediately report any suspicous transactions to a Drummond Community Bank representative.

• View transfer hisrtory available through viewing account activity information.

• Take advantage of and regularly view system alerts.

• Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles.

• Whenever possible, register your computer to avoid having to re-enter challenge questions and other authentication information with each login.

• Review historical reporting features of your online banking application on a regular basis to confirm payment and other transaction data.

• Never leave a computer unattended while using Online Banking.

• Never conduct banking transactions while multiple browser are open on your computer.

Tips to Avoid Phishing, Spyware and Malware

• Do not open email from unkown sources.  Be suspicious of emails purporting to be from financial institutions, government departments, or other agencies requesting account information, account verification, or banking access credentials like passwords or PINs.  Opening file attachments or clicking on web links in suspicious emails could expose your system to malicious code that could hijack your computer.

• Never respond to a suspicious email or click on any hyperlink embedded in a suspicious email.  Call the purported source if you are unsure who sent the email.

Tips for Internet Usage

• Install anti-virus and spyware detection software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.

• Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software.

• Ensure computers are patched regularly, particularly operating system and key application with security patches.

• Install a dedicated, actively managed firewall, especially if using a broadband or dedicated connection to the Internet, such as DSL or cable.  A firewall limits the potential for unauthorized access to your network and computers.

• Check your settings and select, at least, a medium level of security for your browsers.

• Clear the browser cache before starting an online banking session in order to eliminate copies of Web pages that have been stored on the hard drive.  How the cache is cleared depends on the browser and version you are using.  This function is generally found in the browser's preferences menu.

Tips for Wireless Network Management

Wireless networks can provide an unintended open door to your personal or business network.  Unless a valid business reason exists for wireless network use, it is recommened that all wireless networks be disabled.  If a wireless network is to be used it is recommended that it be secured as follows:

• Change the wireless network hardware (router/access point) administrative password from the factor default to a complex password.  Save the password in a secure location as it will be needed to make future changes to the device.

• Disable remote administration of the wireless network hardware (router/access point).

• If your device offers WPA encryption, secure your wireless network by enabling WPA encryption of the wireless network.  If your device does not support WPA encryption, enable WEP encryption.

• If only known computers will access the wireless network, consider enabling MAC filtering on the network hardware.  Every computer network card is assigned a unique MAC address.  MAC filtering will only allow computers with permitted MAC addresses to access the wireless network.

 For Commercial Customers

Tips for the Risk Assessments

• It’s recommended all commercial online banking customers perform a risk assessment and evaluate controls periodically.

• Use limits provided for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits.

• Review historical audit reports regularly to confirm transaction activity.

• Utilize available alerts for funds transfer activity.

• When you have completed a transaction, ensure you log off to close the connection with the financial organization's computer.

• Use separate accounts for electronic and paper transactions to simplify monitoring and tracking any discrepancies.

• Reconcile by carefully monitoring account activity and reviewing all transactions inititiated by your company on a daily basis.