Online Banking Security Practices

Your online banking security is important and Solera National Bank is providing best practices for your review.

Solera National Bank takes numerous steps to safeguard our customers’ information using established security standards including encryption software, firewalls, computer virus protection, multi-factor authentication, secure login and time log off.

Customers play a role in safeguarding your banking information by:

Monitor accounts frequently (daily as a best practice). Immediately review Wire, ACH or other transaction confirmations.

Run activity reporting on a daily basis and scan for logins from unidentified IP Addresses.  The goal is to identify any suspicious or abnormal activities.

Obtain and install antivirus, anti-malware and anti-spyware software, and consider installation of a firewall (and make sure it is active and automatically updated by the vendor, or take necessary steps to keep it updated).

Never leave a computer unattended when using any online banking service, and always lock your computer when away.

Turn your computer off completely when you are finished using it.

Ensure your computer operating system, software, and browser version are current.  Prior to downloading an update to your computer program, go to the company’s website to confirm the update is legitimate.

Configure your devices to prevent unauthorized users from remotely assessing your devices or home network.  Follow the manufacturer’s recommendations to configure the router with appropriate security settings.

Educate all company/entity personnel on good cyber security practices, clearing the Internet browser’s cache before and after visiting the Solera National Bank’s website, to avoid having malware installed on a computer. 

Sign up for balance alerts via email or text.

Business customers should implement dual controls and approval for ACH and Wire transfers so that dual approval is required before the transaction is initiated at Solera National Bank.

Never share user IDs, passwords, PIN numbers, dynamic tokens, etc. with anyone.  Sharing your password or PIN with another is the same as giving that individual authority to use your name in a transaction.

Avoid saving passwords to a computer.

Do not use the same login or password on any other website or software.

Limit or eliminate unnecessary web-surfing and/or e-mail activity by employees, including personal activity, on computers used for online banking.

Consider a dedicated computer for online banking that is never used for e-mail or general internet browsing/surfing (cost of computer vs. loss).

Verify use of a secure session. (“https://” and not “http://”)

Limit access to Solera National Bank’s website for online banking (or any privileged or sensitive computer system) from a public computer at a hotel/motel, library, coffee house or other public wireless access point.

Be suspicious of any employment position that requires use of a personal account for business purposes. Such offers for employment as a mystery shopper, payment processor, etc., where you are required to use your personal account for someone else’s business purposes, are not legitimate.  No legitimate business will attempt to move business funds through anyone’s personal account, and you should educate yourself on these issues.  »» If you are approached to participate in such schemes, immediately contact local law enforcement, the FBI or the Secret Service to let them know.

Password Security

A password represents a shared secret, known only by the end-user and the system they are authenticating against. The system cannot differentiate the real user from another user who also knows the password. For this reason it is essential that users keep their password private and immediately report any suspected security violations.

A well-chosen password has two important characteristics; it should be easy to remember, and hard to guess. Do not write down your password.

Passwords should be changed on a periodic basis to counter the possibility of undetected password compromise. Passwords should be changed often enough so that there is an acceptably low probability of compromise during a password’s lifetime. To protect against undetected password compromise, the maximum lifetime of a password should be no greater than 120 days.

Below is a list of some common password choices to avoid:

  • Customer name, or family member, or pet’s name
  • Social Security, Account, or Phone numbers
  • Any part of your physical address
  • Anybody’s birth date
  • Other information that is easily obtained about the user
  • Any username on the computer in any form
  • A word in the English or foreign dictionary
  • A password used on another site
  • Any of the above spelled backwards
  • Out of Wallet or Public Records (e.g. Mother’s Maiden name)
  • Sequences: “12345678,” “222222,” “abcdefg”

Below is an example of a more secure password:
iwc8dc

  • can be easily remembered by remembering:
    • the letters stand for “Integrity Without Compromise, the number 8, and Delight Customers”.
  • at least 6 characters in length
  • at least one numeric digit
  • not based on word in the dictionary
  • not easily guessed
  • can be easily remembered by remembering the letters stand for “Integrity Without Compromise, the number 8, and Delight Customers”.

Below is an example of a less secure password:
money1

  • is based on a word in the dictionary