Independence: Most would not consider the Credit Union to be a “technical” business, but yet, it has a designated IT (Information Technologies) department?
M. Whitney: At Dakotaland Federal Credit Union, we recognize it’s our primary responsibility to safeguard member information. My team is committed to protecting the private financial information of our members with appropriate care in order to maintain their confidentiality, integrity and security. That kind of security takes a dedicated effort and a complex technical network.
Independence: IT is a very broad term Mike, but it affects how each and every one of us do business on a daily basis. As the head of IT at a large credit union, what is it you and your team are responsible for?
M. Whitney: Dakotaland Federal Credit Union’s Information Technology staff conduct ongoing Risk Management Assessments of its controls, policies and procedures. This helps us manage the monitoring, detection and prevention of intrusions that might occur. On a regular basis, management will identify and assess the risks that may threaten the security, confidentiality or integrity of credit union information systems. In turn, we can determine the sensitivity of member information and the internal and external threats to its integrity.
Independence: What do you determine to be the largest threat to credit union security?
M. Whitney: Internet connectivity is a blessing and a curse. Technology has been a great tool for us to bring our services to our members. They love the convenience, but they also see how cyber attacks have compromised many companies in the past. Dakotaland is using the latest in threat management techniques to mitigate risks associated with the Internet. We are blocking all but essential access to our core systems to help minimize Cyber threats.
Independence: Mike, what other measures have you implemented to reach the level of security needed?
M. Whitney: Online accessibility by our members is an important feature and it requires multi-factor authentication, as well as other safety steps to help prevent unauthorized access. In addition, Dakotaland retains all data in-house to maintain a greater level of control over the outside threats. And lastly we have redundancy of systems to help minimize interruptions in service to our members and staff.
Independence: As a financial institution, is there an outside agency whom regulates the safety and security of the credit union?
M Whitney: Yes. The National Credit Union Administration (NCUA) is a federal regulatory entity which oversees all aspects of the credit union’s operations. Dakotaland takes the recommended guidelines from NCUA seriously. We participate in annual IT security audits to verify the controls and methods that we have in place to protect our information systems. In addition, Dakotaland Federal Credit Union has invested heavily in ways to protect our systems. These investments are expensive, but worth every penny as we know our members depend on us to protect them.