Download presentation
Presentation is loading. Please wait.
Published byFrederik van der Zee Modified over 6 years ago
1
Presented by Elizabeth Kunkel Member Service Trainer
Privacy Law Presented by Elizabeth Kunkel Member Service Trainer Awareness Training When members open an account, complete an on-line credit application, register to receive information, or use a product or service from Altra, they are entrusting our business with their personal information. If that information is compromised, the consequences can be far-reaching: Members may become victims of identity theft; thus, they may become less willing — or even unwilling — to continue to do business with us. Therefore, collecting personal information from members must likewise have a security plan in place to protect the confidentiality and integrity of that information. It’s crucial. It’s common sense. And it’s the law.
2
Agenda Laws Protecting Member Information Safeguarding Information
Suspicious Activity Pretext Calling Verification Procedures Social Engineering Security Tips Scenarios
3
Gramm-Leach-Bliley Act
Ensures that all financials have policies, procedures, and controls in place to: Insure security & confidentiality of member records and information Protect against anticipated threats Protect against unauthorized access Signed into law Nov. 12th, 1999
4
Federal Criminal Code Makes it a crime to knowingly use, without lawful authority, a means of identification of another person with the intent to commit a crime. Such as an individual’s social security number or date of birth Probation, Fines, and or Imprisonment
5
Safeguarding Information
Permit system access only to authorized users Establish physical restrictions—locks, keypads, doors, vaults, etc. Encryptions of electronic data Dual control procedures
6
Safeguarding Information
Monitoring systems and procedures Response programs Measures to protect against potential environmental hazards Staff training Regular tests
7
Reporting Suspicious Activity
Bank Secrecy Act Suspicious Activity Report Unusual behavior Identity theft Pretext calling
8
Check Point! What are the requirements of the Gramm-Leach-Bliley Act concerning financial institution protection of member information? List three guidelines that Altra practices to safeguard member information. Insure security & confidentiality of member records and information Protect against anticipated threats or hazards to the security or integrity of member records and information Protect against unauthorized access to or use of such records or information that would result in substantial harm or inconvenience to any member.
9
Pretext Calling Method of Impersonation
Use different ploys to extract information Use number of approaches Intimidation Helplessness Emergency
10
Verification Procedures
Know Your Member! Passwords Flags & Memos Ownership Acceptable Member Identification DOB, Driver’s License, Passport, etc.
11
Social Engineering Process of deceiving people into giving confidential, private or privileged information or access to a “hacker.” Uses variety of social and psychological techniques.
12
Social Engineering Using High Emotion Employing a Higher Authority
Using High Moral Arguments Creating Reciprocity Developing Trust Relationships
13
Reducing Social Engineering Risks
Know What Information is Valuable Never underestimate the value Be Wary of Relationships Protect Passwords and Access Codes Don’t Trust the Uniform
14
Check Point! What techniques do pretext callers use to weaken the victim so he/she provides confidential information?
15
Security Tips Use complex passwords Never share passwords
Lock files, cabinets, drawers, computer Clean desk policy Shred sensitive material Never take member data home Report suspicious activity
16
Scenarios The Teller Window The Olive Garden Over the Phone
The FSR Office The Local Pub A Helpful Favor In the Lobby The Teller Window
17
Privacy Police
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.