CU news Logo

Your source for the latest technology information of interest to community banks across America. Subscribe to our weekly e-mail newsletter and stay on top of the latest technology trends in Hardware, Software, ATMs, Wireless, Online Banking, Marketing, Security, Internet Access and Call Centers.

February 13, 2017

 


Hardware News

Business News Daily recently tested and reviewed a wide range of tablets geared towards business users. Here are their results:

- Best Overall Business Tablet Microsoft Surface Pro 4

- Best iPad for Business Apple iPad Pro 12.9-inch

- Best Android Tablet for Business Samsung Galaxy Tab S2

- Best Budget Tablet for Business Lenovo Tab 2 A10

- Best Battery Life Tablet for Business Lenovo Yoga Tab 3

F5's Herculon SSL Orchestrator is a high-performance appliance that enables the decryption and encryption of outbound SSL/TLS traffic and supports dynamic, policy-based management and direction of traffic to the appropriate security devices for inspection. The company notes that currently the percentage of SSL traffic exceeds 70 percent, and that percentage is increasing, and that between one-half and three quarters of attacks cloak their communications in that encrypted traffic. In action, the SSL Orchestrator gives you visibility into SSL traffic with centralized decryption across multiple security tools - web application firewalls (WAFs), data loss prevention (DLP) tools, intrusion detection systems (IDS), intrusion prevention systems (IPS), malware analysis tools, and more. 

~~~

Hardware Section Sponsored by
Millennial Vision, Inc. (MVi)

Back to Top


Software Updates

Microsoft Nano Server offers a super slim deployment option of Windows Server 2016. It has numerous advantages in that it reduces storage costs; presents a very small attack surface; offers faster backups, live migrations, and reboots; and requires less frequent patching. However, Nano Servers are limited in that they can only perform the following roles:

  • Hyper-V host
  • failover cluster node
  • file server
  • DNS server
  • Web server running IIS

CrowdProcess is the scientific computing company behind James which is an Artificial Intelligence platform for credit risk. The company has developed an online credit risk management tool that helps banks create, validate, deploy, and monitor regulation-ready predictive models. The startup utilizes machine learning algorithms for its models and scorecards. They claim that they can boost your portfolio performance with a 10% increase in acceptance rate, while offering a 30% decrease in default rates.

DeepLearni.ng is a Toronto-based startup that has developed an AI platform dubbed Neptune that integrates disparate data sources. They say that their solution optimizes your business processes, and allows you to deploy advanced machine learning models without the need for sophisticated data scientists or machine learning experts. With their assistance, Scotiabank developed and launched a tool that identifies potentially delinquent or high-risk customers and suggests the best way to approach them about it. They note that even a small improvement in collections can have a big impact on their bottom line.

~~~

Back to Top


ATMs/Kiosks

Morphis has launched a new cloud-based version of its ATM management system - MorphisONLINE.net SaaS. The solution is designed to allow ATM deployers to access cash orders and cash confirmations, to view transactions in near real-time, providing “instant alerts” to cash-outs, cash loads, missed loads or terminal status messages.

One of the five top ideas in its competition for the Co-op Think Prize 16 is a concept designed to make ATM access safer and easier for older users. Co-op conducted Think Prize in partnership with OpenIdeo, an online global innovation community and collaborative platform, with sponsorship by MasterCard. The idea behind the All-Generation Friendly ATM is to give bank customers more confidence when using ATMs by allowing them to take time when setting up transaction details while they are at home. Once transactions details are confirmed, the transaction will be automatically brought up the next time the user logs-in to an ATM. This will minimize the time that they spend in being vulnerable at physical ATM locations.

~~~

ATMs/Kiosks Sponsored by
Heritage Industries

 


Back to Top


Wireless World

According to a report from Forrester, mobile payments volume in the US is expected to total $112 billion in 2016 and grow at 20 percent compound annual growth rate until it reaches $282 billion by 2021. The research firm concluded that while mobile payments are certainly popular, they have not swept across the retail world the way many had hoped. Venmo is one of the most popular mobile payment solutions and makes up almost a quarter of current mobile payment transactions, while others such as Apple Pay, Google Wallet and Square are also quite popular. For retailers, Starbucks has had the most success with mobile payments: 27 percent of all of their transactions last quarter came from mobile devices.

Both iOS and Android come with numerous security features and capabilities, however both operating systems have also been found to contain very serious security vulnerabilities in the past. Many security experts point out that Apple's app vetting process is superior to Google's process for their Play Store, but they also note that Google's more rapid, open-source development lifecycle can be a better way to ensure that vulnerabilities are fixed quickly. Both operating systems support enterprise use in that they offer some way of segmenting enterprise data from user profile data, in effect, creating a secure container to install enterprise apps and store enterprise data.

~~~

Back to Top


Security Section

In order to avoid detection, sophisticated scammers are launching "fileless" attacks using Windows utilities and open-source tools instead of easily detectable malware programs. Windows utilities like SC, NETSH and PowerShell can be used to load programs such as Meterpreter directly into RAM, without leaving any traces on the hard disk drive. Meterpreter, which is part of the Metasploit penetration testing toolkit, is in-memory software that can inject itself into other running processes and is used to establish persistency on a compromised system.

Vera announced the launch of Vera for Mail, an enterprise-grade security solution that lets organizations secure, track, and revoke access to any email they send. The package allows IT Departments to protect confidential communications, classify messages and attachments, audit internal and external collaboration, prevent unwanted sharing, and dynamically revoke access to email communications and content. For senders and recipients, Vera Mail does not require key exchanges or proprietary plug-ins.

Trend Micro announced that they have infused machine learning capabilities into their next-generation intrusion prevention system (NGIPS) solutions. Trend Micro TippingPoint NGIPS applies machine learning statistical models to feature vectors extracted from network data on the wire to make a real-time decision on whether network traffic is malicious or benign. They say that this evolution helps to better detect advanced malware behavior and communications invisible to standard defenses.

~~~

Back to Top


Leaders Roundtable

Security:

Battling Security Fatigue – Working Towards Usable Security

 

 

Onbase by Hyland Software - http://www.onbase.com
Read Steve Comer's comments:
https://www.banktt.com/OnBase.pdf

 

Millennial Vision - http://www.mviusa.com
Read Scott Cowan's comments:
https://www.banktt.com/MVi.pdf

 

NetWatcher - http://www.netwatcher.com
Read Scott B. Suhy's comments:
https://www.banktt.com/NetWatcher.pdf

 

Network Bix USA
 
Network Box - https://www.networkboxusa.com  
Read Pierluigi Stella's comments:

 

MVi
Nintex - https://www.nintex.com
Read Mike Fitzmaurice's comments:
https://www.banktt.com/Nintex.pdf

 

Security Compliance Associates - http://www.scasecurity.com
Read Jim Brahm's comments:
https://www.banktt.com/SCA.pdf

 

SentinelOne - http://www.sentinelone.com
Read Jeremiah Grossman's comments:
https://www.banktt.com/SentinelOne.pdf

~~~

Back to Top


Technology and Marketing

Instant issuance in the branch allows banks to personalize payments cards for customers through custom card printing capabilities, e.g., family and pet photos, logos of local sporting teams, schools, organizations or community landmarks. Plus according to research from the CPI Card Group, millennials are nine times more likely to open an account if they are shown how quickly they will be able to use their debit or credit card at the very beginning of the account opening process. Finally, with the traditional, central issuance model, up to 10% of cards are never activated after they are mailed out by some estimates.

~~~

Back to Top


Online Banking/E-Commerce/Website Design

Mercator Advisory Group's latest report, “Business Banking Services: Expanding Online and Mobile,” finds that 84% of small businesses most commonly visit branches to make teller deposits and 47% make deposits at ATMs. Nearly all small businesses surveyed regularly visit the branch of their FI, but far fewer, 1 in 5, go to the branch to meet with a relationship manager. "While small businesses visit the branches primarily for quick and simple transactions, they would like to see improvements in online and mobile banking geared to help their businesses transact more easily and provide more services they need to manage and grow their business," notes Karen Augustine, Mercator Advisory Group's Senior Manager of Primary Data Services, the author of this report.

While NACHA rules dictate that the FI originating a payment assign a unique 15-digit trace number, uniqueness is not mandated across payments in other batches in the same payments file. Steven Cordray, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed, suggests that a possible solution that could overcome this current limitation of the trace number would be a one-time-use, ACH-operator-assigned, 15-character alphanumeric trace number. He suggests that operators could guarantee uniqueness by allowing an operator trace number to contain digits and upper and lowercase letters, and expanding to a 62-character set would result in over 3.5 trillion distinct values which would be more than enough to cover the 6 year record retention requirement.

Accenture wants to help FIs secure their blockchains by storing the encryption keys they use to sign transactions in hardware security modules (HSMs). Their goal is to help make it easy for blockchain developers to incorporate HSMs in their platforms. Their solution is currently designed to work with Thales e-Security's nShield HSM and the Hyperledger Fabric blockchain software, but they plan to extend the project to other commonly used HSMs and they point out that it can be adapted to other blockchains.

~~~

Back to Top


Internet Access

SD-WAN (software-defined wide area networks) proponents contend that they provide a more cost-effective and simpler way to operate secure, virtualized WAN connections between branches, data centers and the Internet. That is because they deliver an easily programmable environment that permits you to augment or replace your existing WAN, lower costs by deploying less expensive broadband links and dynamically scale bandwidth capacity. However, SD-WANs are not often complete WAN solutions in that you may need to add other software orchestration components to the mix, particularly if you want to connect from remote sites to cloud services. Orchestration allows you to coordinate and automate across different pieces of the network thereby integrating the entire distributed organization to the WAN and into the cloud.

Webroot SecureAnywhere DNS Protection controls Web access at the domain layer for any on-network device, user or guest. The Web-based SecureAnywhere DNS Protection console enables admins to finely tune Web access policies by IP address or IP range, and limit access to any other websites that they may consider a risk to their network. Webroot offers over 82 URL categories, and claims that the solution sets up in minutes and doesn`t add latency.

~~~

Back to Top


Call Centers

Anyone who has ever worked in a contact center knows just how stressful it can be on agents and managers. In response, some progressive centers address these high stress levels with rewards and perks designed to keep employees happy and somewhat more relaxed. Some perks that have been offered at various contact centers include:

- complimentary snacks and drinks

- small gifts on a continuous basis

- gamerooms with video games and tables for ping pong, billiards, foosball, etc.

- yoga and deep breathing classes and massages

- mobile car washes

- quiet rooms and nap pods

- indoor and outdoor exercise areas

- “Bring Your Dog to Work” days

- no dress code

- holiday parties, picnics, and team building retreats

~~~

Back to Top

 

Get Our Free Email Newsletter

First Name(*)
Invalid Input

Last Name(*)
Invalid Input

Position(*)
Invalid Input

E-Mail(*)
Invalid Email Address