Financial institutions must take extra special care to keep their customers’ personal and financial information private and secure from cyberattacks. Small- and medium-sized businesses lose more than $2.2 million each year because of cybercrime. A security breach on your website can cost you more than just money; it could also cost you customers if they lose trust in your bank or credit union.
Bank website security begins with your web hosting provider. When looking at the safeguards implemented by your web hosting service, you’ll want to consider the physical location of the server and the monitoring of the network.
Physical Location
The security of your bank website starts with where your website is housed. This involves the type and location of the web host or server.
A shared web host is the least secure. Because you share the server with multiple sites, anyone who has access to the other sites can possibly get into yours. With a dedicated server, only you have access to your site. However, by not sharing the host, you can’t share the cost either.
BankSITE® Services hosts our customers on a Virtual Private Server (VPS). A VPS offers similar protection as a dedicated server at a lower price. Also, our primary data center is an AT&T SSAE 16/SSAE 18 (SOC 1 Type II) facility located in metro Phoenix. The area is virtually immune to most of the natural disasters that occur in other areas of the country. We also have a disaster recovery center at an undisclosed location.
Network Monitoring
Safeguarding your website from cyber intrusions is an ongoing process. Installing a firewall and setting up passwords aren’t enough, especially for financial institutions. BankSITE® Services uses AT&T’s DDoS Defense System to monitor our network by continuously analyzing incoming traffic and rerouting malicious activity.
Should your main website become compromised, our Attack ByPass System allows you to redirect your customers from a static maintenance notice page to your online banking system. This prevents any interruption in your customers’ ability to perform transactions. As an added security measure, we perform third-party vulnerability assessments on our network through our partner Trustwave.
Finally, we monitor your website for any unauthorized changes to your website pages, domain name registration, and DNS record. Using the latest scanning software, we check your website daily for malware, malicious JavaScript, iframes, and downloads. If your website is hacked, we can immediately restore your website from the previous day’s backup.
Final Words
Your bank web hosting service should follow these two necessary guidelines to protect your customers’ data and to meet federal regulatory compliance. BankSITE Services has helped financial institutions for more than 20 years, and we’re ready to help you, too.