First Tennessee is committed to providing your company with the latest in secure technology for conducting your business or corporate banking. However, there are some important steps you can take to ensure your own internal security.
- Conduct reconciliation of all banking transactions on a daily basis.
- Initiate ACH and wire transfer payments under dual control, with a transaction originator and a separate transaction authorizer.
- Familiarize yourself with First Tennessee's account agreement and with your liability for fraud under the agreement and the Uniform Commercial Code as adopted in the jurisdiction. You can also educate yourself with tips on combating fraud in your business.
- Stay in touch with other businesses to share information regarding suspected fraud activity.
- Immediately escalate any suspicious transactions to First Tennessee, particularly ACH or wire transfers. There is a limited recovery window for these transactions and immediate escalation may prevent further loss.
- Employ best practices to secure computer systems including:
- If possible, for businesses that transact high value or large numbers of online transactions, it is recommended that all commercial online banking activities be carried out from a stand-alone, hardened and completely locked down computer system from which e-mail and Web browsing are not possible.
- Be suspicious of e-mails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes and similar information. Opening file attachments or clicking on Web links in suspicious emails could expose your system to malicious code that could hijack your computer.
- Install a dedicated, actively managed firewall, especially if you have a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to a network and computers.
- Create a strong password with at least 10 characters that includes a combination of mixed case letters, numbers and special characters.
- Prohibit the use of "shared" usernames and passwords for online banking systems.
- Use a different password for each Web site that is accessed.
- Change the password a few times each year.
- Never share username and password information for online services with third-party providers.
- Limit administrative rights on users' workstations to help prevent the inadvertent downloading of malware or other viruses.
- Install commercial anti-virus and desktop firewall software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
- Ensure virus protection and security software are updated regularly.
- Make certain computers are patched regularly, particularly operating systems and key applications with security patches. It may be possible to sign up for automatic updates for the operating system and many applications.
- Consider installing spyware detection programs.
- Clear the browser cache before starting an online banking session in order to eliminate copies of Web pages that have been stored on the hard drive. How the cache is cleared will depend on the browser and version. This function is generally found in the browser's preferences menu.
- Verify use of a secure session (https not http) in the browser for all online banking.
- Avoid using automatic log-in features that save usernames and passwords for online banking.
- Never leave a computer unattended while using any online banking or investing service.
- Never access bank, brokerage or other financial services information at internet cafes, public libraries, etc. Unauthorized software may have been installed to trap account number and sign on information leaving you vulnerable to possible fraud.
How First Tennessee Protects You Online
First Tennessee uses a strong authentication process to protect your sensitive information online. Using an authentication method the user knows (user ID and password) and one the user holds (token) for high-risk transactions, ensures that the right user is accessing our products and systems online.
As we upgrade our online banking platform, we will be deploying more sophisticated security solutions that will detect unusual user behavior and prompt the user for more information before granting access. Unusual behavior includes:
- Accessing the system in timeframes the user typically does not access the system
- Accessing the system from different geographical regions
- Accessing the system from different computers
Our external facing applications are protected from malicious attacks against our servers by firewalls and intrusion detection systems. These solutions not only protect our applications from hackers but also detect any intrusion or hack attempts and alert us.