Online Security Best Practices for Businesses

Establish a Security-First Culture

  • Train employees regularly on cybersecurity awareness
  • Teach employees how to handle and protect sensitive data
  • Verify everything, even internal requests to transfer funds

Use Strong Passwords and Authentication

  • Avoid common words, phrases, or personal information
  • Use a mix of uppercase, lowercase, numbers, and symbols
  • Require complex, unique passwords for each account
  • Avoid writing passwords down or saving them in unsecured files
  • Promote the use of password managers to store and generate strong passwords
  • Require multi-factor authentication (MFA), such as an SMS code, authenticator app, or biometric, for all critical systems
  • Implement single sign-on (SSO) solutions where possible

Keep Systems and Software Updated

  • Apply security patches and updates promptly
  • Use automated patch management tools
  • Back up data regularly and test data restoration
  • Regularly audit and remove unused or outdated software

Secure Your Network

  • Use firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs
  • Secure Wi-Fi
  • Segment networks to limit access to sensitive data
  • Monitor network traffic for unusual activity
  • Restrict internet usage to necessary sites
  • Have a cyber incident response plan

Control Access and Privileges

  • Follow the principle of least privilege
  • Use role-based access control
  • Regularly review and revoke unnecessary access rights

Secure Third-Party Relationships

  • Vet vendors for their security practices and limit/restrict access to your network
  • Monitor third-party access and integrations

Foster Continuous Improvement

  • Conduct regular security assessments
  • Stay informed about emerging threats and security trends

How to Keep Your Accounts Safe

Be Cautious with Email and Links

  • Do not click on suspicious links or attachments
  • Verify sender addresses and look for signs of phishing
  • Report suspicious emails to your IT or security team

Monitor Account Activity

  • Regularly review login history and account changes
  • Regularly review and enable account features and alerts that may help you protect your account (e.g., email or phone number changes, added users, account activity)
  • If something doesn’t look right, report it immediately to your financial institution or credit card company

Log Out of Shared Devices

  • Always log out when using public or shared computers
  • Avoid saving login credentials on browsers in shared environments

User Access Controls

  • Require dual approval for transactions
  • Use out-of-band authentication
  • Establish dollar limits for transactions
  • Limit administrator profiles

Store and Dispose of Information Securely

  • Sensitive information like bank account numbers should be encrypted or stored using secure methods
  • Shred documents and other items that contain your account number, including debit cards
  • Never send sensitive account or personal information by regular email; use secure email
