The OGO Blog

What are the FFIEC Backups and Data Vaulting Requirements?

Keeping up with the multitude of options available for backups/data vaulting can be a challenge for even the most tech savvy Credit Union CIO. Not only are there different strategies (3-2-1, Full, Differential, Incremental, Mirroring, etc.) but other things like your existing infrastructure, location of storage options and RTO/RPO’s make this an especially difficult strategy…

Read More

Know Who To Call AFTER You Dial 911 – Credit Union Crisis Communications

Credit Union Crisis Communications Communication is the key in any relationship or situation. Being open and honest and upfront speaks volumes.The more time you spend preparing, the less time it takes to provide a quick response. Roles and responsibilities should be setup ahead of time though you won’t have all of the particulars defined. Templates…

Read More

Get Out! – Evacuation Best Practices For Credit Unions

Imagine yourself sitting at your desk diligently working away when all of a sudden… the fire alarm sounds. What is your first reaction? Do you get up and evacuate the building? Do you sit there thinking… Is it a real fire or a false alarm? It is imperative that you obey the alarm and get…

Read More

NCUA AIRES IT Questionnaire – Preparing for Your Exam

There aren’t many times in your life when you’ll be preparing for an exam and the “teacher” hands you the questions ahead of time.  NCUA examiners use an Automated Integrated Regulatory Examination System (AIRES) to complete examinations of all types and lucky for us the questionnaires are publically available on the NCUA website. In today’s post…

Read More

Credit Union Information Security – Where To Start?

As a CUSO providing disaster recovery and production IT services, Ongoing Operations works with hundreds of Credit Unions during the course of the year. And true to the grassroots nature of the industry, we like to share forward information that will help your Credit Union create IT efficiencies, improve recovery strategies and tighten security/controls. During 2014, there…

Read More

The Forgotten Safety Drill – Shelter In Place

“Shelter-in-place” means selecting an interior room or rooms within your facility, or ones with no or few windows, and taking refuge there. In many cases, local authorities will issue advice to shelter-in-place via TV or radio. Procedures for “shelter-in-place” may include similar items, not necessarily in this order: Close the branch or entire business. Lock…

Read More

OGO Risk Alert – POODLE Vulnerability

Background On October 14, 2014, it was publically confirmed that Google security researchers Thai Duong, Bodo Moller and Krzysztof Kotowiczis have discovered that millions of browsers may be vulnerable to a security flaw named “POODLE” – Padding Oracle On Downgraded Legacy Encryption. The flaw exists in version 3 of Secure Sockets Layer (SSL) and could…

Read More