How we helped a New Haven-based credit union manage their NCUA (National Credit Union Administration) compliance and their IT needs after losing their one tech person.

Situation

This New Haven credit union has been serving the financial needs of teachers and other public servants of the education system for over 83 years. Along with offering banking services and loans, they also advise their clients on managing their finances and smart ways to budget.

​

They previously had one person who oversaw all aspects of their infrastructure, cybersecurity, and overall technology. After their tech person left, the credit union found themselves in a tricky situation; no one knew where to begin maintaining their tech and compliance.

​

After reaching out to neighboring credit unions for advice, they found us. 

Solution

Going in, we knew the single most important thing to do was prevent ransomware and other attacks. We immediately implemented a multilayered approach to their cybersecurity. Though the credit union had some security components in place such as firewall, AV, DNS filtering and blocking, they did not have enough layers to protect them from complex cyber threats. 

They lacked cybersecurity tactics and strategies that could detect zero-day threats as well as unusual activities on user accounts. They were also unable to quickly capture and analyze event activities on their system. This type of information is valuable as it points out any system vulnerabilities. These security gaps left them highly vulnerable to attacks and breaches.

​

To reduce their security risk, we implemented Endpoint Detection and Response (EDR) and Security information and event management (SIEM) onto their systems. EDR is an instant detection tool and is the last defense in the endpoint to stop attacks when there isn’t a definition for it. SIEM (SIM) is a logs aggregator and analyzer. It reviews all recorded activities for any suspicious activity and makes them readable. 

Results

Because of the added protection of having EDR and SIEM in their cybersecurity the credit union’s infrastructure was able to successfully meet NCUA compliance. Due to the nature of their business and industry regulations, staying compliant is one of their top priorities.

With the use of a multi-layered security solution, the credit union’s team is empowered to work securely inside and outside of their offices while still meeting compliancy requirements.