Bacs notice on cyber threats
Bacs has recently sent out an email to all Bacs Service Users’ sharing best practice when it comes to protecting your organisation against cyber attacks.
Bacs informs, the best practice is as follows:
• Smart cards should be removed from the smart card reader immediately upon completion of the submission of payment files.
• Terminals used for the submission of bulk payment files should not be used to access any other web services. Ideally, these devices should be standalone machines or should be segregated from the rest of the corporate network.
• Submitters should ensure that the operating systems of machines used to submit files are appropriately patched and supported.
• Submitting machines should have anti-virus software installed and configured so that it automatically updates whenever the manufacturer provides an update. Perimeter and logical controls should also be implemented to prevent unauthorised access to the submitting machine.
If you use Rapidata for the submission of Direct Debit or Direct Credit files, Rapidata is ISO 27001 accredited for Information Security that covers the above and a lot more. Rest assured, your submissions are being handled with security at the forefront of what we do. Although you do not have to worry about the smart cards and the submissions to Bacs, we do advise you check your own Internal security measures. The UK Government has recently introduced a Cyber Essentials Scheme that gives baseline security measures that is worth downloading and ensuring you meet.