Security and Fraud

Online Banking

Keep your User ID and Password private: Do not be tempted to share your IDs and Passwords with anyone.

Be unique and change your password: Create a unique password comprised of upper, lower and numerical characters. Change your online banking password every 60-90 days.

Be different: Avoid using the same User ID and Password for different online services.

Memorize: Do not write them down or store on your computer. If you really need to record a password then use a code system (i.e. transpose letters/numbers) and keep in a secure location.

Log Out: Log out of Online Banking prior to visiting other websites or leaving your computer.

Alert Us: If you notice suspicious or unusual activity in your online banking accounts, please call 855-582-5101.

Never open links within text messages or emails from someone you do not know and trust.

Always proceed with caution no matter who sends a text message or email.

Never respond to a text message or email by providing personal identifying information such as password, user ID, PIN, etc.

Be certain you have reached a safe website when using your mobile device by turning on the “show URL” or “show address bar” option to display the website addresses; they should start with “https://”. Check the information that came with your device for specific instructions.

For Consumers

Protect Other Personal Information

• Never keep PIN numbers and passwords in your wallet or any visible location.
• Protect your PIN at ATMs. Block from view.
• Do not give personal information over the phone, by email or on the internet, unless you have initiated the contact.
• Shred documents with personal information:
  • Pay stubs
  • Pre-approved credit offers
  • Shopping receipts
  • Utility and phone bills
  • Insurance documents
• Obtain your credit report regularly to check for fraud.
• Review your bank and credit card statements for accuracy - Do Not Ignore suspicious charges.

Keep your User ID and Password private: Do not be tempted to share your IDs and Passwords with anyone.

Be unique and change your password: Create a unique password comprised of upper, lower and numerical characters. Change your online banking password every 60-90 days.

Be different: Avoid using the same User ID and Password for different online services.

Memorize: Do not write them down or store on your computer. If you really need to record a password then use a code system (i.e. transpose letters/numbers) and keep in a secure location.

Use strong passwords:

• At least eight characters with a combination of uppercase and lowercase letters, numbers and symbols
• Don't include your user name, real name or company name
• Don't make your password a complete word
• Create passwords that are significantly different from each other

For Businesses

JVB is your business partner for information and account security. Fraud prevention is our goal.

Basic safeguards against Corporate Account Takeover:

• Keep your User ID and Password private:  Do not be tempted to share your User IDs and Passwords with anyone
• Be unique:  Create a unique password comprised of upper, lower and numerical characters. Change your online banking password every 60-90 days.
• Be different:  Avoid using the same User ID and Password for different online services.
• Memorize:  Do not write them down or store on your computer. If you really need to record a password then use a code system (i.e. transpose letters/numbers) and keep in a secure location.
• Log Out:  Log out of Online Banking prior to visiting other websites or leaving your computer.
• Alert Us:  If you notice suspicious or unusual activity in your online banking accounts, please call the Electronic Banking Department at 717-436-3214

Security Best Practices:

• Training - Nothing beats training employees to follow safe practices such as those found here. New employee training and follow up training for all employees are keys to success.
• Dual Control - Require cash and payment transactions to be handled by two separate people wherever possible.
• Separation of Duties - Employees who make payments should not also reconcile accounts.
• User Limits - Assign limits to cash and payment transactions.
• Audit - Regularly check activity and compare to policies or practices.
• Reconcilement - Reconcile accounts as soon as possible.
• Review - Statements, cancelled checks, deposit and payment history.
• Access - Remove or disable online access for terminated employees.
• Policies - Create or amend sound internal policies regarding the safeguarding of information and be certain that policies are communicated and are being followed.
• Secure - Secure sensitive information and share only on a “need to know” basis.
• Restrict - By policy and practice, restrict users from:
  • Sharing ID’s or passwords
  • Clicking on links unknown to them
  • Opening email from unknown sources
  • Installing or removing software unless they are authorized to do so

Device Considerations:

• Updates - Keep your device (PC, laptop, tablet, phone, etc.), up to date with system security patches, anti-virus software, etc. Set your security software to scan daily.
• Firewalls - Maintain an up-to-date firewall and engage expertise in monitoring activity.
• Wireless - If using a wireless corporate network, consider “hiding” it from public view and turn on all appropriate security features. Change the default administrative password immediately upon installation.
• Data Integrity - Disable other device access such as USB drives if not needed. Perform reliable backups and test restores regularly.
• Passwords - Set parameters requiring strong passwords and frequent changes.
• Administrative Access - Only key users should be given administrative access to system connected devices and such access should only be used when necessary.
• Procedures - Develop, maintain and train on procedures to be followed when a suspected virus infection or breach occurs.
• Review - Regularly review appropriate logs for suspicious activity.
• Alerts - To the extent possible, set application alerts to inform you of certain activities. For example, you may wish to be alerted when funds are transferred from an account or when a payment exceeds an established limit.
• Segregation - For sophisticated businesses, consider a segregated device to be used solely for transacting business and do not allow web browsing, email, etc. on this machine.

Physical Security Best Practices:

• Maintain locks
• Monitoring and alarm systems
• Safe data storage and backups
• Document shredding
• Vendor management for privacy standards, background checks, and on-site facilities review