In the vault: The Coastal Bank and IronKey

Share this article:
In the vault: The Coastal Bank and IronKey
In the vault: The Coastal Bank and IronKey

A continuous process

But, the sanctity of protecting financial assets is a continuous process. The bank has introduced many new multifactor authentication systems along with significant detection capabilities to ensure its customers' transactions are safe, secure, authentic and verifiable, Montgomery says.

"The greatest risk facing The Coastal Bank and our online banking customers today is the security of their own PCs and networks," he says. "Criminals are using the path of least resistance and using client information to take over their computers to cause financial harm to the customer and the bank. With IronKey Trusted Access we offer our customers a way to conduct online banking on a dedicated, secure and isolated platform that's simple and convenient for them to use."

The Coastal Bank is further differentiating its client-focused services with Trusted Access, because it isolates clients' online access in a safe, bank-managed environment that is independent of the PC, Montgomery says. IronKey protects online banking customers even if their PC has been compromised with financial malware, including keyboard loggers, man-in-the-browser or ‘backconnect' trojans.

"Our customers want to know that they are protected from these threats," says Montgomery. "It is equally important to them and The Coastal Bank to know that all activity through IronKey is safe and secure, eliminating the extra risks and security concerns present in today's online banking environment.

The Secure Browser is just one layer of security provided by the Trusted Access Platform, says IronKey's Bocek. Support for smartphone-based authentication has already been announced and additional analytics to detect and prevent fraudulent transactions is planned. The platform allows banks to start with secure browsing and add additional layers of security later.

Policy and setting updates are pushed automatically to end-users after administrators change settings, Bocek says. All policy changes are digitally signed. Software updates are made available to bank administrators first. Administrators can test software updates in a controlled environment. Once accepted, administrators can push software updates to end-users automatically. All software updates are digitally signed and only updated files are downloaded.

Page 3 of 4
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in Features

Case study: Big LAN on campus

Case study: Big LAN on campus

A university rolled out a wireless network, but was hampered with a user-support problem...until a solution was found. Greg Masters reports.

2014 Women in IT Security: Stacey Halota

2014 Women in IT Security: Stacey Halota

When she stepped into the job of vice president of information security and privacy at Graham Holdings Company in 2003, Stacey Halota had to carve out new territory because her ...

What's sex got to do with it?

What's sex got to do with it?

Harassment has no place in the security industry. Neither do sexism or discrimination. But, there they are. It's time for infosec to just say no, reports Teri Robinson.