Need assistance from the Help Desk? Use the 5 W's to make things go more quickly and smoothly!

Making Networks Work.

DataBP Continuous Data Protection
Firewall Management

    Don’t Forget! ACTION REQUIRED – SSL Certificate Replacement on PROD

    SSL Certificate Replacement on PROD

    DON’T FORGET!  The security certificate that verifies prod.cuanswers.com is expiring on April 23rd.  This certificate ensures secure encrypted connections for CU*BASE GOLD and printer sessions between your credit union and CU*Answers.  As part of maintaining network security, this certificate is replaced every 3 years. Because the new certificate uses enhanced encryption technology, CU*Answers will be providing a compatibility update for all client PCs as part of the CU*BASE 17.03 release on March 19th.

     

    What You Need To Do:

    Anytime between Monday, 3/20 and Sunday, 4/9, every workstation needs to exit CU*BASE GOLD and IBM Client Access completely and relaunch CU*BASE GOLD at least twice. 

    Optional step for IT staff – to verify the workstation has received the update:

    1. Open My computer
    2. Navigate to c:\users\public\documents\ibm\client access\
    3. Verify the current file size of “cwbssldf.kdb”
    4. If this file size is 30kb then everything worked correctly and you don’t have to do anything else.  If the file size is different, please refer to KB article for manual process.

    Questions?

    Email the Help Desk

    CU*Answers to Hold Network Services Boot Camp

    CU*Answers, the 100% credit-union owned CUSO, will be hosting a Network Services Boot Camp on Wednesday, March 29th and Thursday, March 30th at their 28th Street location. These Boot Camps, led by CU*Answers Network Services, teach the basics of installation and troubleshooting for CU*BASE®, CU*Answers’ core processing platform, and ProDOC. Day 2 will cover network and system management practices, including reporting, security architecture and administration tools and standards.

    These classes are for returning participants or new credit union IT team members who want to gain competency with core product deployment and support. A main goal is to provide a closer relationship with credit union IT staff and the CNS team. To view the schedule, topics that will be covered, and to sign up, visit the CU*Answers website.

    ACTION REQUIRED – A Note From the Help Desk: SSL Certificate Replacement on PROD

    SSL Certificate Replacement on PROD

    The security certificate that verifies prod.cuanswers.com is expiring on April 23rd.  This certificate ensures secure encrypted connections for CU*BASE GOLD and printer sessions between your credit union and CU*Answers.  As part of maintaining network security, this certificate is replaced every 3 years. Because the new certificate uses enhanced encryption technology, CU*Answers will be providing a compatibility update for all client PCs as part of the CU*BASE 17.03 release on March 19th.

    What Are We Doing?

    As part of the 3/19 scheduled CU*BASE 17.03 release, we are updating the CU*BASE launcher and intermediate certificate authority files used by IBM Client Access on every client workstation.

    Why Are We Doing It?

    1. This work is being done in preparation for the replacement of the security certificate that PROD uses to encrypt data communications with client workstations.
    2. This work will also help us maintain the latest network security encryption standards.

    When Are We Doing It?

    • The updated GOLD launcher will be deployed as part of the scheduled 3/19 CU*BASE 17.03 release.
    • The PROD security certificate will be replaced on 4/9, one week in advance of the certificate expiration.

    What You Need To Do:

    Anytime between Monday, 3/20 and Sunday, 4/9, every workstation needs to exit CU*BASE GOLD and IBM Client Access completely and relaunch CU*BASE GOLD at least twice. 

    Since you will be getting the 17.03 release this weekend, next week is the perfect time to remind all users to exit and relaunch GOLD completely at least twice.

    Optional step for IT staff – to verify the workstation has received the update:

    1. Open My computer
    2. Navigate to c:\users\public\documents\ibm\client access\
    3. Verify the current file size of “cwbssldf.kdb”
    4. If this file size is 30kb then everything worked correctly and you don’t have to do anything else.  If the file size is different, please refer to KB article for manual process.

    Questions?

    Email the Help Desk

    Changes Coming to Online Banking Security

    Enhancements to Online Banking Security Coming Tuesday, April 11th

    As part of CU*Answers’ ongoing commitment to strong security for online banking, CU*Answers will be making changes to the encryption used to protect member sessions.

    On 4/11 we will be disabling weaker forms of SSL encryption, including “3DES.” This will prevent member web browsers from using these weaker forms of encryption when connecting to online banking, thereby ensuring that only very strong encryption can be used.

    CU*Answers has tested these configurations and monitored current usage and we do not believe this change will prevent anyone from accessing online banking. However, if a member does encounter issues accessing online banking after this update, they should update their browsers to the latest available version and apply any outstanding vendor operating system patches.

    Do I need to do anything to get this update?

    No. The changes are made on our servers and everyone will get the new configuration the next time they connect to online banking. We will post an OBC Alert leading up to the maintenance to alert members of the change.

    How does this improve the security of It’s Me 247?

    Security is improved because only very strong forms of encryption will be allowed. While connections to It’s Me 247 have always used encryption, times change and encryption that was considered strong only a few years ago may now be more vulnerable to attack. Keep in mind, attempting to compromise even weaker forms of SSL encryption is very difficult, and we are not aware of any breaches or attempted breaches of this security for ItsMe247.com. We do expect that in the future we will need to continue to adjust these settings to respond to technical advances of bad actors.

    How should my credit union respond?

    We do recommend reviewing your own web sites; if they use SSL encryption, you should also consider disabling weaker ciphers. CU*Answers Web Services will also be making these changes to affected hosted websites during this maintenance. Those who don’t host with Web Services should contact their web hosting company for more information.

    CU*Answers Network Services Attends RSAC 2017 Cybersecurity Conference

    As part of CU*Answers’ ongoing commitment to cybersecurity leadership for data processors, three representatives attended the RSA 2017 USA Cybersecurity Conference (RSAC) in San Francisco during the week of February 13, 2017. RSAC 2017 is one of the largest cybersecurity conferences in the world with over 43,000 attendees, 15 keynote presentations, more than 700 speakers across 500+ educational sessions with over 550 cybersecurity firms represented on the expo floors.

    For CU*Answers, RSAC is a key component in ongoing staff cybersecurity education and a chance to meet with thought leaders on critical and upcoming cybersecurity issues and defensive tactics. “The cybersecurity landscape changes at lightning speed,” explains David Wordhouse, VP Network Technologies. “Bad actors are constantly innovating, so understanding current tactics and how to defend against them is critical for our operations. At RSAC we go to school and bring back what we learn to our teams. Continuous improvement is the name of the game.”

    Popular sessions this year included Internet of Things (IoT) security and government regulations, cloud security and virtualization, governance, risk and compliance, application security, identity/ authentication, and security strategy. Knowledge learned will be applied to operations, development, network defense, human security/anti-phishing education, and board briefings.

    CU*Answers Network Services Offers Free Firewall Review for Managed Firewall Clients

    CU*Answers Network Services (CNS) today announced they would perform firewall configuration reviews for free for customers of their managed firewall service. The review is geared towards meeting increasing regulatory scrutiny of credit union cybersecurity and firewall management processes.

    During the interactive review session, an engineer will review specific firewall configurations with the client and highlight any configurations that may be outdated or in need of removal.

    “Networks are dynamic organizations that need regular review,” explains Matt Sawtell, AVP of Managed Technology Services. “Phone systems get upgraded, ATMs get added or swapped out, and other changes happen throughout the year. Often these changes leave unnecessary artifacts behind. This process is a great way to identify those stale configurations and fix them.”

    The review process and any subsequent changes are documented and suitable for use as evidence of the credit union’s firewall management plan and due diligence on cybersecurity matters.

    Up to one free annual review and consultation is available per customer of the Network Services Managed Firewall Service or Complete Care Service. For more information or to schedule a review, contact the CNS Team (netserv@cuanswers.com or ext. 266).

    A Note From the Help Desk: Annual Firewall Review

    Do You Know How Your Firewall Is Set Up?

     

    As part of your ongoing technology oversight, we encourage you to meet with us and review your firewall configuration on an annual basis. Given the increased focus on cybersecurity for credit unions, we’d like to help you learn about this core security component and answer any questions you may have about how your network is protected. 

    Schedule a FREE Firewall Review – beginning in March!

    This review can be used to supplement your internal audit program and your IT vendor due diligence. During this 30-60 minute Zoom session, we’ll review your firewall settings with you, presenting the information in an easy-to-understand format and answering any questions you may have about your firewall setup.

    We’ll document any changes that we make during the review. While we won’t make any changes without your permission, we will bring to your attention any of your firewall configurations that may be outdated and in need of removal. For example, if you’ve upgraded a phone system or ATM, the old network configurations may no longer be needed.

    The best part is, the firewall review is absolutely FREE! Up to one hour of consultation per firewall is included at no charge for managed firewall clients.

     

    So click below to schedule a firewall review today and be prepared the next time an auditor asks you if you know how your firewall is set up!

    Email us to schedule your review!

    Thank you

    A Note From the Help Desk: Dell SonicWall SRA Vulnerabilities in Managed SRA and SMA Devices

    ATTENTION NETWORK SERVICES MANAGED CLIENTS

    Dell SonicWall SRA Vulnerabilities in Managed SRA and SMA Devices

    Today it was announced that there are three vulnerabilities with the SonicWall Secure Remote Access and the Secure Mobile Access devices.  These vulnerabilities can cause unauthorized information disclosure, modification and/or disruption of service. While these vulnerabilities are potentially serious, we do not have any indication that managed client SRA/SMA units have been compromised.

    SonicWall has released a maintenance release of firmware(8.1.0.7) to patch these vulnerabilities.

     

    What Are We Doing?

    Due to the severity of this issue, we will be applying the patch this evening. This will begin at 7pm and will continue overnight until complete. Our team will be opening tickets to track the work, we expect the firmware update to take approximately 30 minutes. If you would like a specific time schedule to perform the upgrade, please contact us as soon as possible, we will accommodate special scheduling requests on a first come, first serve basis.

    For further information, please see the links below:

    Vulnerability Summary for CVE-2016-9682

    Vulnerability Summary for CVE-2016-9683

    Vulnerability Summary for CVE-2016-9684

    Thank you,

    Questions?

    Email the Help Desk

    Awakon Federal Credit Union Completes Network Upgrade

    Located In Onaway, Michigan, Awakon Federal Credit Union recently completed a full network upgrade under the direction of the CU*Answers Network Services teams. This upgrade allows Awakon Federal Credit Union to keep their equipment and solutions current and is part of the overall technology plan at the credit union.

    CU*Answers Network Services also provides the credit union with its Complete Care IT management program that includes firewall monitoring and management, server monitoring and management, backup and business continuity services, managed endpoint security and patch management. This partnership allows CU*Answers to assist the credit union with these ongoing tasks so the IT department can work on credit union projects and member initiatives.

    “CU*Answers Network Services are a vital piece of my IT team at the credit union. They help fill in with monitoring and oversight in areas that I would have to work 24 hours per day if I were doing it myself,” says Jason Freel, Vice President of Information Systems with Awakon Federal Credit Union. “Because they specialize in credit unions, their focus is specific to the areas of security and compliance, areas in which credit union IT departments should be well versed, but often lack internal expertise.”

    For more information, visit the CU*Answers website.

    A Note From the Help Desk: CISCO Network Equipment Hardware Advisory

    ATTENTION ONLINE, SELF-PROCESSING, AND NETWORK SERVICES MANAGED CLIENTS

    CISCO Network Equipment Hardware Advisory

    Cisco has released a hardware advisory for a clock signal component used in some of their equipment which could result in failure of the device after approximately 18 months of operation.

    For the CU*BASE client networks, devices primarily affected by this advisory include the Cisco 4300 routers. Cisco has announced other equipment may be affected as well (see link above for details).

    An equipment failure may result in your Credit Union being unable to reach CU*BASE or other data processing services without emergency assistance by us to reconfigure your network.

     

    What Are We Doing?

    We are working closely with Cisco to identify equipment within our managed networks that are affected by this defect. We are also developing a process with Cisco to replace affected equipment for devices under management.

    We believe that there is no immediate likelihood of hardware failure based on the purchase date of the equipment in question.

    What You Need To Do:

    If your router is affected and is managed by CU*Answers Network Services, we will coordinate the replacement process under our existing management agreement. We will reach out to you to start the warranty replacement process in the coming weeks.

    If we do not manage your router, you should carefully review Cisco’s notice and determine if you have any equipment in your network that is affected. Cisco is requiring that equipment be under SmartNet warranty to be eligible for replacement.

    PLEASE NOTE: If you do not have a management agreement, we strongly recommend you contact CU*Answers Network Services or Cisco for options

    Questions?

    Email the Help Desk

    CU*Answers Network Services is a full-service network technology solutions provider. We specialize in LAN/WAN design, implementation and management; network security; firewall management; IP telephony VOIP (voice-over-Internet protocol) solutions; records management; managed hosting solutions (facilities management), compliance and security audits (HIPAA/GLBA/SOX); high availability solutions; web site engineering, and hardware sales and support services. CU*Answers Network Services provides services to the education, retail, legal, medical, real estate, hospitality, and financial services industries as well as court systems and regional municipalities. Our financial services portfolio includes servicing over 150 credit unions across the country.

    Why CU*Answers Network Services?

    • Nationwide Network Reach: 24/7 real-time monitoring and management of thousands of devices and hundreds of networks across the U.S.
    • Compliance Expertise: policy development, implementation, and consulting for highly regulated industries
    • Proven high availability solutions for critical applications: hosted or on-premise
    • Custom, secure web application development by certified experts
    • Multiple state-of-the-art data centers
    More than just a service provider, we're an extension of your staff with the expertise to cut through the confusion and deliver the solutions you need at a price you can afford. Rest assured that if our team can deliver to the exacting standards required by highly regulated industries, CU*Answers Network Services can meet your needs too.
    www.cuasterisk.com | Phone: 616.285.5711 | Toll Free: 800.327.3478 x167 | Fax: 616.285.5735