As 2019 is behind us, now is a good time to review your credit union website to make sure it’s up-to-date so you can start the new year on the right foot. Once your site content is current, the next step is to protect your credit union website and your members from potential cyber threats. Here are three security best practices your credit union web host should have in place:

  1. Network Monitoring
  2. DDoS Prevention
  3. A Backup and Disaster Recovery Plan


Network Monitoring

Have members ever complained about how long they have to wait for your website to load? Or, worse yet, have members ever had to notify you that they can’t access your website at all?

If you answered, “Yes,” to either of these questions, your credit union web hosting service may not be providing sufficient network monitoring. Your credit union web host should be monitoring the health and security of your network 24/7/365 to ensure it’s up and running smoothly at all times.

Bandwidth determines the health, or performance, of your network by measuring the speed of your network connection. If your website is slow to load, something is causing a bottleneck. This could be something as harmless as a large image or media file. However, a malware attack can also impede connection speed. Network monitoring detects any inconsistencies or spikes in bandwidth usage.

In addition to abnormal fluctuations in normal bandwidth usage, network monitoring should regularly check firewalls and virus scanners. Any changes to a firewall’s performance make your system vulnerable to cyberattacks. Network monitoring also confirms virus scanners are running as scheduled and anti-virus software is up-to-date.

 

DDoS Prevention

Malware and viruses aren’t the only culprits of a slow website. Your credit union website is also susceptible to a distributed denial-of-service (DDoS) attack, which targets your website server.

Under normal operation, your web server handles an expected number of requests per minute from users accessing your credit union website. With a DDoS attack, a hacker will employ botnets—multiple computers infected with the same malware—to flood your server with false requests. Overloading your server with more requests than it can handle slows down the website and can even bring it down completely.

Your credit union web host should be able to distinguish between a DDoS attack and an influx of requests from legitimate users. At a proactive level, your web host can limit the number of requests the server can accept over a set time. Reactively, your hosting provider can analyze traffic coming into your credit union website and block the suspicious activity and alert you so you can take action.

 

A Backup and Disaster Recovery Plan

You should be confident that your credit union web hosting provider has a backup plan for restoring the data on your website. With a malicious security breach, hackers can delete or encrypt data so that you can no longer access your website to protect it and your members. An employee may inadvertently make changes to your site, disrupting the operation of your site. A natural disaster, a fire, or even a device malfunction can destroy the data completely.

Your credit union web host should offer you the tools necessary to back up your site. Or better yet, you can use a credit union web hosting service that automatically backs up your data for you. Having a backup plan ensures 100% uptime of your website after disaster strikes.

 

Final Words

Data breaches not only put your members’ information at risk, but they can also put your credit union in jeopardy. IBM’s 2019 Cost of a Data Breach Report found that a data breach in the United States costs an average of $3.92 million. Can you afford not to invest in credit union web hosting that delivers on security?

Begin the new decade with security in mind by contacting CUWebsite™ Services® about credit union web hosting. Our proprietary BankSITE® Security Monitor works 24/7, checking your site for connectivity issues, changes to web pages, domain registration, and more. We implement AT&T’s DDoS Defense system for added protection against DDoS attacks. Our primary data center is located in Scottsdale, Arizona, which is virtually immune to the natural disasters that affect other parts of the country. And, finally, our disaster recovery data center is in an undisclosed location, so you can rest assured your data is always protected and ready to be restored at a moment’s notice if necessary.