Security with Online Banks and
Online Brokers
Online banking and brokers are by
far my favorite byproduct of the internet. Finding an online bank that allows
you to pay your bills online for free, saves time and money. The post office
has one of the biggest monopolies around. Competition in this area will drive
up the interest your idle money will draw. Online brokers cut-out the middle
man making it the best place for an informed investor to purchase stocks. (Unless
you can purchase the stocks directly from the company itself.) Low commission
costs greatly increase your long time return. These wonderful technologies bring
me to the point of this article. "Online security" The only catch is you have
to be extremely careful about security. As systems such as home PCs continue
to get more complex, the ways in which thieves can break-into accounts increase.
I work in the computer security industry so I am well aware of these threats.
I suspect most people are obvilious to the risk. I've put together several common
misconceptions.
Common misconceptions
- If your computer is patched and
has an upto date anti-virus pattern you are protected.
- I don't use my computer much online
so I don't have to worry about security.
- My bank protects me from identity
theft and account theft.
My recommendations
- Use a second PC that has been
cleanly built, patched, and utilizes upto date antivirus and spyware protection.
- Only use this PC for accessing
your online bank, online brokerage and other online retailers.
- Do NOT browse to unknown sites
with this PC. No searching. Do not install any unknown 3rd party applications.
Only install necessary applications.
- Ensure there is a firewall between
the internet and your secure PC.
- If possible, firewall off this
PC from the rest of your home network.
- Use different complex passwords
for all online accounts. Please see the definition of complex passwords for
further information
- Store passwords in a secure hidden
location such as a fire proof safe. Do not leave passwords sitting out. No
sticky notes above your computer. Definitely do not store passwords on the
computer.
- Check online accounts frequently.
- If possible, create online accounts
as "For deposit only". Many online brokerages allow this feature.
- If possible, use 2-factor authentication.
This involves something you know and something you have such as a key chain
with a rotating 6 digit number.
- Be informed about how your specific
online bank or broker handles identity theft.