At the Frontline: Members 1st Federal Credit Union's Chip McBreen

Bank security chief discusses industry security challenges, implementing new technology


We are really just starting to deploy this technology to help combat this type of scam. The camera systems are extremely important, so we get good shots of the individual perhaps placing (the skimming device) on the ATM. At all of my branch ATMs, I have deployed two cameras - one camera inside the ATM and one camera under the overhang outside the ATM in order to get a license plate shot or a shot of someone who may be tampering with the unit.

With so many branches in different locations, what are some of the challenges you face in streamlining your security operations?

Each branch - even though it acts independently of the others - is able to be tied together with an enterprise system through a special 3VR server. Because we are tied into one place, it enables me to do enterprise-wide searches instead of having to search each individual recorder separately. That saves huge amounts of time. The deployment of an enterprise-wide server has made this chore of tying the systems together so much easier on my side and it still allows the branch to be independent.

With so many cyber criminals attempting to hack into bank systems and the accounts of customers, what are you doing online to protect the assets of Members 1st and its customers?

We have a number of different firewalls, filters and programs and applications that monitor our network constantly. We do penetration testing on a regular basis - not only with our network, but also with physical penetration in social engineering. We do that on a regular basis - a couple of times a year we pay folks to try and penetrate our network either from the outside wireless or through social engineering or some other means to check our vulnerability. We would much rather have our vendor break in and tell us where we are weak, than have somebody else break in and steal something.

What are your thoughts on different types of policies that banks have taken to deter robberies, such as not allowing hats or sunglasses to be worn? Do they work?

We have employed the same policy. We put a sign on the front door of our branches asking members to please remove their hats or sunglasses when they enter the branch and we are very upfront and honest with them about it. We are trying to get your picture and those items make it more difficult. We are a very member-oriented organization - we greet our members when they come in the door, we are very friendly to them and we are very focused on consulting with them on how we can best serve them. But our management is supportive of us because they realize… that (a bank robbery) is a life-or- death situation for the staff. Even the most innocent or benign robbery is a life-or-death situation and so we train our associates very rigorously on how to react to this type of event and how to look for some of the signs before it occurs. A member who is trying to hide his face from a camera behind the teller line may be much more than someone just having a bad hair day.