Security Tips for Businesses

Security Tips for Businesses

At First Republic, your account security and peace of mind are of the utmost importance.

Tips to Help Keep Your Business Accounts Secure

  • Monitor all users who have temporary access to your organization’s computer network. It’s important to restrict third-party access to certain areas and remember to deactivate access when users finish their work.
  • Verify the identities of individuals remotely accessing your network, email or payment systems, and banking accounts, using at least two factors. Enabling touch/facial recognition identification or a one-time passcode adds an extra layer of security.
  • Verify references and perform a background check on all new employees.
  • Assign financial transaction responsibilities to at least two people so no single person is responsible for paying checks, sending funds, making entries into your accounting system and reconciling financial statements.
  • Verbally validate any new payments, regardless of dollar amount, prior to sending.
  • Personally review and sign all checks issued.
  • Review account activity daily and reconcile accounts frequently.
  • Periodically perform a risk assessment of the technology, processes and controls used for banking to identify any weaknesses or vulnerabilities.
  • Require customers to provide identification for checks and card signature transactions.

Educate and Train Your Team on Security Procedures

  • Communicate the importance of employing complex usernames and passwords and not reusing them across multiple channels.
  • Reinforce the protection of company assets, including data, inventory and information.
  • Ensure that data loss prevention technology is in place to detect and prevent the unauthorized movement of data out of your organization.
  • Scan and filter inbound emails to detect spam and malicious content.
  • Limit the ability of employees to access their personal email and social media accounts on company-issued devices and prevent access to websites with inappropriate content.
  • Limit the use of business email accounts to business purposes only.
  • Secure and backup files in case of a data breach or ransomware attack; important files should be stored offline, on an external hard drive or in the cloud.

Additional Measures if Permitted by Your Business Processes

  • For wire and ACH transactions, establish red flags for new payees, account numbers, dollar thresholds and international transfers.
  • Assign someone to verbally verify the details of transactions with the provider of payment instructions, using a trusted phone number, to ensure they have not been modified by a fraudster.
  • Designate a single computer for online transactions. Do not allow the computer to be used for personal email or general web surfing to minimize the potential for the computer to be infected by emails with malicious attachments, links or filters to fraudulent websites.
  • Use maker/checker or submitter/approver procedures to reduce the chance that one person could initiate and execute an unauthorized transaction.

Check Positive Pay and ACH Positive Pay: Services Designed to Safeguard Against Fraud

  • Check Positive Pay allows you to compare checks presented for payment with a list of checks you have entered online to ensure an exact match.
  • ACH Positive Pay helps protect your account from fraud by allowing you to manage incoming ACH debits. You can add authorization rules for future transactions while processing unauthorized debits to be paid or returned to the originating bank.

Trusteer Rapport Online Fraud Protection Software

Trusteer Rapport, financial malware protection software, complements your existing antivirus and firewall software so you can bank safely online with First Republic.

Benefits of Trusteer Rapport:

  • Provided at no cost to First Republic clients
  • Automatically updates and requires little to no maintenance
  • Protects against financial malware and removes existing infections
  • Ensures you’ve accessed a genuine First Republic website, not a phishing site