Each year brings new chances for success and new opportunities to highlight branch security risks, and to prevent them. It is important to self-identify and correct any vulnerable spots that your branch may have. With four main foundational pillars, Wittenbach deeply understands your branch’s unique needs. We can equip you with the tools and necessary knowledge to help prevent any breaches, even to the less obvious security threats. Below, we’ll explore these hidden risks and how you can help ensure that your branch does not fall prey.
Hidden Physical Security Threats
The physical security of your branch is important. The security of your third-party vendors is often a hidden physical risk that some don’t consider until an issue arises. Since they may have credentials to enter more areas of your facility than the general public, it is important to verify the qualifications and risks of your third-party vendors before onboarding them.
It is common practice for financial institutions to work with third parties. These suppliers may interact with your data, paperwork, and assets. In branches, this can look like a cash-in-transit (CIT) worker, who replenishes cash in the most sensitive points of your footprint. A third-party supplier can also be a construction team who is driving physical renovations within your branch, perhaps optimizing physical space and accessing areas that are generally reserved for employees.
When you hire a third party supplier, your branch’s security team must consider the level of security and access to vulnerable areas that this entity needs. But how can you ensure that your supplier is meeting security standards? The best way is to thoroughly vet your supplier to ensure that there are no lingering concerns or issues that would present risk to your branch. Website BCMMetrics provides six vetting points for evaluating the security of your suppliers:
- Establish a governance process, ensuring that a standard and rigorous supplier vetting process is part of bringing any new third party on board.
- Identify your critical vendors. Is using this particular vendor critical to the operations of your branch? Do they supply an essential commodity that nobody else can?
- Assess the threats and risks facing the vendor, ensuring that they have a stable workforce and aren’t facing security allegations or risk going out of business in the near future.
- Pay them a visit. This may not always be possible, but if you have the opportunity, their own facilities and level of preparedness may be an indicator of their capability of providing the level of security your branch needs and expects.
- Get it in writing. BCMMetrics says, “The ideal situation is for the vendor to agree to your business continuity requirements and for the terms to be included in your supply agreement with the vendor. […] Try pointing out to them how having a strong business continuity program doesn’t protect only your company, it also strengthens theirs.”
- Be proactive! This involves staying in touch with suppliers to ensure things are running smoothly and any security concerns are being proactively addressed. In a realistic world, it also means having at least one viable backup vendor in this space, in the unlikely event an issue or breach were to arise.
Hidden Electronic Security Threats
As electronic security measures become more prevalent in keeping branches safe, potential criminals will seek opportunities to find and exploit vulnerabilities in these systems. This creates an entirely new league of branch security risks. While many branches rightfully worry about network encryption and cyber security in general, they should consider this protection in the context of NVR (Network Video Recorder) systems and their components. Making sure that your IP camera, NVR, and cloud-based video surveillance data is properly encrypted is very important.
Wittenbach offers industry-leading market surveillance products, including many from partner Verint, that offer significant peace of mind. While it’s important that these systems work well, it’s also important that they are properly encrypted. NVR surveillance video data is one point of interest to a potential hacker as it can be highly sensitive and capture criminal activity or suspicious habits. In a recent blog post, we advised of the strong link between electronic security products and the need to protect them from cyber-attacks. “While most NVR systems and IP cameras come with a certain basic level of encryption, the preferred way to prevent this breach is ensuring a stronger encryption, including HTTPS/SSL.”
Hidden ATM and ITM threats
The security of your ATMs (Automated Teller Machines) and ITMs (Interactive Teller Machines) is crucial to the confidence and smooth transaction of your clients. Thousands of dollars are stored in these machines at any given time, and they are often exposed to the outdoors, leaving them vulnerable to external threats.
A common theft method for outdoor ATMs and ITMs is the hook and chain method. In this example, a criminal will attach a hook and chain to an ATM, first dragging off of its mounting, then damaging the machine to the point it can be pried open. Once the ATM is open, the thief will simply remove the cassettes containing cash. This has become such a prevalent problem that many banks and credit unions are adding anti-hook devices to their ATMs and ITMs.
ATM Marketplace contends that security sensors or a strengthened unit chassis can be the best line of defense to deter criminals who may even organize and commit these breaches across several states. Placing GPS trackers in the machine and cassettes is another way to track criminals if they manage to breach the ATM or ITM.
Cash Automation as Threat Prevention
Teller cash recyclers, or TCRs, have been around since 1983, invented less than 20 years after the first ATM in 1967. These machines provide support and improve the efficiency of your tellers. One TCR has the capacity to support two live tellers. These machines handle a variety of duties, such as:
- Handling cash from tellers: TCRs can swiftly and accurately count cash faster than your tellers, virtually eliminating human error.
- Sorting bills by denomination: Not only do TCRs quickly count currency, they can identify and sort bills based on dollar amount.
- Checking for counterfeit bills: TCRs help reduce the risk of fraud by checking for counterfeit bills, often displaying an error code within a matter of seconds and removing them from circulation.
- Counting and verifying the total: This eliminates loss by mistake, and also loss by internal theft.
- Storing the notes for later dispensing: The TCR keeps cash secure in its internal safe, replenishing it via “recycling” for later use in client withdrawals.
When a TCR is implemented, such as Glory’s RBG-100 model, your branch can potentially achieve savings in cost, staffing hours, and security from possible theft inside the branch. It is a romantic notion to believe that employee theft would never strike your branch; however, this is a risk that branches should consider, and that TCRs can help to eliminate. While using a TCR at your branch, less cash passes through your employees’ hands manually, automatically reducing the chances of theft and increasing teller productivity at the same time.
In Summary
When your branch is secure, it solidifies your financial institution’s relevance and client confidence to transact in person. Clients want to do business with a bank or credit union that keeps their assets safe, and their best interests upheld. There are many hidden threats that can derail branch operations and significantly damage its client relationships. Thankfully, awareness and action can prevent many kinds of security breaches. These four threats are just a few of many security risks that financial institutions like yours face every day. Wittenbach is determined to help you identify and prevent these hidden threats, keeping your branch secure, in service, and celebrated. To learn more about how we can help you keep your bank secure, contact us today.
