Skip to main content

Business Online Banking Security

Protecting your business information online.

Your computer and mobile devices provide convenient access to your email, financial information and social media accounts. Unfortunately, it can potentially provide the same convenient access for criminals. Regardless of the type device, if you are storing or accessing financial and personal information you should take steps to secure your computing environment and enable device security features to protect your information.  
Partner with Peoples Bank to prevent unauthorized transactions. When establishing your Business Manager Online Banking, a Peoples Bank employee from the Electronic Banking Group will provide a detailed overview of security features available to you.  Talk to your banker about your specific business needs so they can assist you in using the Business Online Banking Administrator tool to customize security features and services that safeguard you from unauthorized transactions.

Device and Computer Security.

Keep your passwords, personal identification numbers (PINs) and account codes secret. Don’t reveal your User ID or password to anyone.  Never give out your computer credentials such as user name or password, personal information such as Social Security Number or financial information such as account number in response to an unsolicited phone call, fax or e-mail, no matter how official it may seem. Your User ID and password are the most critical layer in online banking security. Use truly unique passwords that only you know.

Protect your online environment. It is important to protect your cyber environment just as you would your cash and physical location. Do not use unprotected internet connections. Be sure you trust the computer you are using for logging into Peoples On-line Banking.  Do not use public or other unsecured computers.  Don’t perform banking transactions on a public Wi-Fi network. If you need to access your account, try disabling the Wi-Fi and switch to your mobile network.
Keep your operating system up to date. Operating system updates are how identified security holes are patched.  Timely installation of updates on all devices used to access financial information is critical to your computing security. Download the updates for your phone and mobile apps.

Install anti-virus protection on your computer.  Always maintain an up-to-date, trusted antivirus protection on any device you use to access your financial accounts.  Protect your phone from viruses, malicious software and malware, just like you would for your computer by installing mobile security software.

Wipe your mobile device or computers hard drive.  Before you donate, sell or trade your mobile phone or computer, wipe the hard drive using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.

Use the passcode lock on your smartphone and other devices. The more layers of security, the more difficult it is for thieves to access your information if your device is lost or stolen.

Use security features that are available on your device and Peoples Online Banking. Some features are required and some are optional.  Consider the benefits of the optional features before you discard them as inconvenient. Having to enter a passcode to access your device may seem inconvenient until it lost and persona information is compromised.

Notifications and Alerts. Use online banking alerts to monitor transactions and online banking activity. Within online banking, you can enroll in email and text alerts that will generate notifications to alert you of transaction activity or balance information according to criteria you have established.

Verify Prior Logins. Verify your last login each time you login to online banking.  Log out completely when you finish a mobile or computer banking session.

Tokens & Token Codes. A Token is a device that generates a one time code that must be input in to Business Manager within a short time span to initiate or approve a transaction.  Tokens add an OOBA (Out-of-Band-Authorization) level of security and are highly recommended by the Bank.  

Out-of-Band Approval. Transactions may be approved using a one-time text code sent to your mobile device or a phone call.  This mean those with approval authority do not need to be in the office to ensure a timely payment gets approved.

Positive Pay. Positive Pay allows business to monitor authorized check or ACH transactions compared to those presented for payment at the Bank. The Positive Pay system identifies transactions that do not match an issued check or ACH debit and alerts you.  This allows you to make a decision to pay or return the item.

Business security best practices.

Understand your responsibilities and liabilities. The Business Deposit Account Agreement and your Business Manager E-sign Agreement for online banking detail which commercially reasonable security measures are required to protect your business. It is critical that you understand and implement the security safeguards in the agreement.

Educate your employees. You and your employees are the first line of defense against a corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices and responses to a suspected takeover are essential to protecting your company and customers.

Internal authentication. Establish procedures to authenticate any company employee sending instructions to conduct a financial transactions. To authenticate the employee initiating the request, use a method that it different from how the original request was made. For example, if the request is initiated by email, call the sender at a phone number known to be theirs. Never respond to the same email and never call an unknown number provided in the email.

Dual control. The Bank recommends dual control as a best practice for all wire or ACH transactions. Even if your staffing is limited or out of the office, dual control processes can be established by requiring a Token Code or Out-of Band Approval for both initiation and approval of transactions.
Establish transaction limits.  Transaction limits can be established in Business on-line Banking.  Transaction limits at the company and individual, as well by transaction type are available to assist you to enforce internal process and limit exposure.  You can set dollar limits or limit specific transactions the company or individual may complete

Establish unique user names and password for each employee.   Each employee should have their own user name and password.  Even if employees have the same level of authority, different user names allows you to see their individual activities in online banking. Limit employee authorities to perform only the functions they need.