Computer System Best Practices

• To ensure account control, reconcile and review all banking transactions on a daily basis.
• If possible, conduct all online banking activities from a computer system which has security software installed and is not used by additional employees. This is particularly important if you transact high value or large numbers of online transactions.
• Opening emails, opening attachments or clicking on links embedded in suspicious emails could expose your system to viruses and malware. Be cautious when opening emails, especially when they appear to be from a financial institution, government department or agency. Consider adjusting your email settings so that you do not automatically download images.
• Install commercial anti-virus/anti-malware, anti-spyware and desktop firewall software on all computer systems, and be sure to update the software regularly. An actively managed firewall helps to limit the potential for unauthorized access to a network and computers.
• Limit administrative rights on employees’ workstations. This will help prevent the inadvertent downloading of malware or other viruses.
• Computers should be patched regularly. It is particularly important to patch operating systems and key applications, both of which should have automatic updates to prompt you to patch the system.
• Clear your internet browser’s cache before and after an Online Banking session. This helps eliminate copies of web pages that have been stored on the hard drive.

• Be sure to educate your staff about the importance of online safety. In particular, make sure that your employees with bank account access know the best practices for Online Banking.
• Make sure that everyone needing online access has their own User ID and Passwords. Sharing login information should be prohibited.
• Your company administrator should consider having two sets of login credentials. One should be used strictly for administrative purposes (adding new users, resetting passwords, etc.), and the other should be used for everyday transactions (viewing account activity, paying bills, etc.).
• Use dual-control when setting up new users. This will help ensure that the appropriate users are being added to the system.
• Create strong passwords. Use the maximum characters allowed, and be sure to include a combination of mixed case letters, numbers and special characters (when permitted). It is also a good idea to regularly change your password.
• Do not use the same password for multiple sites.
• Remind your staff to NEVER share login information with third-party providers. A Bank of the James employee will never ask you to provide your login information.
• Verify the use of a secure session. Make sure your browser says 'https' and not 'http' for all Online Banking sessions.
• For Business Suite customers, the use of password tokens for online transactions provides an additional layer of security.
• Perform all ACH and Wire Transfers under dual control- have one transaction originator and a separate transaction authorizer to ensure maximum control.
• Encourage your staff NOT to take advantage of automatic login features. It is best to type in your User ID and Password each time you login, instead of using systems that pre-populate the login fields.
• Never leave a computer unattended while using Online Banking. While our Online Banking platform has a inactivity timeout feature, your computer is vulnerable before the timeout take effect and should not be used as the only form of security for an unattended computer.
• Never access Online Banking, or any other financial services at Internet cafes, public libraries, etc. Unauthorized software may have been installed on these public machines, and could be trapping account information without your knowledge.