On defense around the clock, team tackles online attackers
At war room, USAA security unit works to keep customers' information safe.
By Valentino Lucio
Updated 12:40 a.m., Monday, October 31, 2011
At all times, San Antonio-based USAA is at war.
For the financial institution, security is a priority, with about 350 employees dedicated to keeping the 286-acre campus and its customers' information safe from the thousands of online attacks it receives daily.
To ensure that safety, the company has developed technologies that alert it to when bad guys are knocking at the door.
USAA has a war room that tracks where threats originate and monitors social networking posts and chat rooms for would-be enemies.
The company also has rolled out security measures that its members can use for online banking, whether they're being used on a computer or a mobile device.
“We want to be proactive, to be ahead of the game,” said Jack Key, vice president of USAA's information security unit. “We want to be out in front of it, we want to see the trends, we want to see indicators of things that are taking place so we can take action and head these things off as fast as possible.”
Financial institutions need to safeguard their systems more than ever with the increasing amount of information being shared digitally.
USAA “has taken steps internally and externally to harden their infrastructure to protect their members,” said Martha Vazquez, an industry analyst for consultant Frost & Sullivan. “They lead in innovation. ... And they continue to innovate new ways to increase awareness to protect members and employees.”
Behind locked doors in a room with restricted access is the company's Cyber Threat Operations Center — the war room. It looks like most IT offices, with rows of cubicles equipped with multi-screen computers and white boards.
Along a 30-foot wall is a spinning digital globe with pulsating color-coded dots that the center's 25 employees monitor around the clock. The dots glow red, yellow or green to alert the staff to the severity of attacks and where they are coming from.
To the right of the globe, a steady stream of social networking posts are displayed. The staff looks for keywords that pertain to USAA and its systems.
“These are the knock on the door,” Key said. “It gives us a size and scale capability to see across the globe where attacks are originating ... to see if the threat is something old or something brand-new that we haven't seen before that we need to take action on.”
The center has been in use for about 18 months and is updated continuously to deal with the malicious activity — about 35,000 attacks are blocked daily — that threatens its members around the clock.
“The landscape is worsening and will continue to get worse due to the increase of mobile devices and how we share information today,” Vazquez said. “Financial markets have luckily been the earliest adopters of security solutions, but the challenge will be on how to combat against new evolving threats.”
The Wild West
The company's enterprise security group consists of three levels: information security, fraud and physical security.
Just as the company guards entrances to its headquarters, the security group works to do the same with USAA's computer systems. USAA estimates that on any given day, it prevents $2.4 million in fraud losses, recovers about $315,000 in fraud losses and processes 225 million cybersecurity alerts.
While security is a part of the corporate culture, no system is 100 percent safe from cyberattacks, said Gary McAlum, USAA's chief security officer .
“The Internet is pretty much considered the Wild West. ... For us, the threats don't take holidays,” McAlum said. “They don't take weekends off. This is a continuous problem and a growing problem. The sophistication of and the innovation of the threats have radically increased. This is serious business, and for USAA, this has become a strategic focus.”
But as the security unit stays alert, McAlum said, part of its goal is to push the idea of shared responsibility to USAA's 8.5 million members, most of whom are former or active military personnel. He said people need to be vigilant and aware of the information they're giving and who they're giving it to.
Some safety precautions he recommends are creating passwords that have letters, numbers and symbols, not using the same password for multiple accounts, and keeping home computers and mobile devices updated with active firewalls and antivirus software.
People also need to set privacy settings and be aware of what's shared on social media sites because cybercriminals mine pages for personal information, he said.
Because there are so few USAA financial centers, almost all the company's banking is done online.
The security division has developed alerts and applications to keep members secure. CyberCode is a mobile app that creates a personal identification number that changes every 30 seconds. Members can use the pin along with their normal user name and password when logging in to their accounts to add another layer of security.
Members also can sign up to receive text messages when a suspicious purchase is made with their credit or debit cards. With the press of a button, purchases can be approved or denied from a mobile phone.
It's estimated that USAA shuts down about five phishing sites daily. These send emails to members that look like official USAA correspondence but are meant to get members to share personal and banking information to gain access to their accounts.
To counter that, USAA has created a tool called Security Zone, which tags official emails with the member's unique identification information.
Next year, the company will look at moving closer toward a chip and pin system for its credit and debit cards, leaving behind the magnetic stripe technology that's outdated, said Tom Shaw, USAA's vice president of financial crimes.
McAlum said, “Security is a core value here. It's who we are and what we do.”
Read more: http://www.mysanantonio.com/news/local_news/article/On-defense-around-the-clock-team-tackles-online-2244260.php#ixzz1cLL6i1o5