Writing bills? Skip that! Try online bill pay

Business Banking

‹ Home / Login

Treasury Management Solutions

Bear State offers a variety of Treasury Management Solutions to help you run your business.  We make sure we understand your business; how it runs, your future goals and your current struggles.  We are committed to being your partner - which means doing our best to protect you.  Running a business can be a challenge, and we want to help you understand potential security concerns and provide you with best practices to help ease your mind.

Bear State Bank provides these guidelines to help mitigate risks to your business against Cybersecurity threats related to online fraud. A security best practices approach can help mitigate risks to your business related to potential financial losses, business disruption and costs associated with fraud.

Cybercrime continues to increase in complexity and numbers, requiring a risk mitigation best practices approach that incorporates multiple layers of security. Below are general security guidelines that will help protect your business, as Cybercrime continues to evolve.

IDENTIFY

UNDERSTAND YOUR CYBERSECURITY RISKS - Achieve comprehensive, effective systems management by understanding what hardware and software are installed across your organization and how you can best mitigate security risks.

PROTECT

DEDICATED COMPUTER - Dedicate a stand-alone computer that is separate from your network for online banking. Consider using an alternate boot up system that utilizes a flash drive and is read-only capable. Consider physically securing this device.

PASSWORD SECURITY - Users should never share their password or PIN. Create complex passwords using lower case, upper case and special characters. Create passwords that are 8 characters or greater in length. Use different passwords for different accounts and systems.

SECURITY SOFTWARE - Install anti-virus, anti-malware, anti-spyware, firewall and various other attack blockers. This provides a layered approach for detecting and blocking malicious attacks.

Set your security software to update automatically

Set malware scanning to update automatically

Set your Operating System to update automatically (Windows, OS X, Linux)

Keep your ancillary software updated

Ensure your software firewall is turned on

** Verify your updates are working as expected

FIREWALLS - Consider installing an appliance firewall to prevent unauthorized access to your network, creating a strong password for firewall access.

WIRELESS - Do not use public Internet access points, such as airports and restaurants. If external access is needed, consider implementing a VPN or DirectAccess to provide end to end data encryption.

OUT OF BAND AUTHENTICATION - Utilize multi-factor authentication for an additional layer of security when available. This could include one-time passcodes provided through devices such as SMS authentication and security tokens. Avoid the use of VoIP phones using SMS authentication, since there is connectivity through the Internet and potential for passcode hi-jacking.

DUAL CONTROL PROVIDES A VERY GOOD LAYER OF SECURITY - Initiate your ACH and Wire transfers using dual control. This provides another layer of security to mitigate security risks.

BACKUP IMPORTANT BUSINESS DATA AND INFORMATION

Regularly backup important data on all computers

Store copies off-site on a schedule as appropriate

** In the event of a failed hard drive on a PC or a Ransomware attack, this is your safety net

USER ACCOUNTS - ESCALATED PRIVILEGE ACCOUNTS

Do not use escalated privilege accounts, such as Administrator, unless necessary. Always log out of Administrator and escalated privilege type accounts when not needed or not in use. Utilize a unique login for Treasury Management access and delete inactive or terminated user accounts.

DETECT

DISCOVER CYBERSECURITY EVENTS - Block evolving threats and implement the appropriate measures to mitigate or identify the occurrence of a cybersecurity event.

MONITOR YOUR ACCOUNTS ON A DAILY BASIS - This allows you to quickly detect suspicious activity.

SUSPICIOUS ACTIVITY - Report any suspicious activity within your company to your bank immediately.

RESPOND

IF MALWARE IS DETECTED OR SUSPECTED

Recommendation:

  1. Disconnect the PC from all Internet Access and your network connectivity.
  2. Do NOT power off the PC
  3. Do NOT use the PC
  4. Contact your Security advisor or technical resources for next steps

 

RECOVER

IF A DEVICE IS DETERMINED TO BE INFECTED WITH MALWARE.

Recommendation:

  1. Contact Bear State Bank for a review of your accounts
  2. Work with your technical resources for needed forensics, analysis, rebuild, etc.
  3. Contact Treasury Management, as your technical resources have determined that the PC is ready to use and it is safe to conduct Treasury Management Services.

 

EDUCATION

EDUCATING YOUR EMPLOYEES IS ONE OF YOUR BEST SECURITY LAYERS - Provide on-going training and security awareness for your employees.

MAKE YOUR EMPLOYEES PART OF YOUR CYBERSECURITY TEAM BY KNOWING THESE RULES:

Do not click links from unexpected or suspicious emails

Do not open attachments from unexpected or suspicious emails

Do not enable macros from unexpected or suspicious emails.

Do not open unrecognized email

Open familiar email with caution. You can never tell who is truly behind the emails. It may be spoofed or faked.

Email is inherently an unsecure medium of communication. Only general inquiries should be sent via email. Pass-codes and confirmations for Wires and Ach transactions should utilize Out-of-band authentication (OOBA) processes such as a phone call and/or multifactor authentication if available.

ADDITIONAL RESOURCES

OnGuard Online

https://www.consumer.ftc.gov/features/feature-0038-onguardonline

Stay Safe Online

https://www.staysafeonline.org/

USA.gov

https://www.usa.gov/online-safety

FDIC Cybersecurity – Consumer Protection

https://fdic.gov/consumers/assistance/protection/IdTheft.html

Cybersecurity for Small Business - FCC

https://www.fcc.gov/cyberforsmallbiz

Cybersecurity for Small Business - SBA

https://www.sba.gov/tools/sba-learning-center/training/cybersecurity-small-businesses

Internet Crime Compliant Center - FBI

https://www.ic3.gov/default.aspx