Booklet: FedLine®
Section: Recommended Security Settings

MISCELLANEOUS SECURITY SETTINGS
The LA application, “Entry/Update” function screen 99, allows
the LSA to establish the following local administration access options
applicable to all FedLine applications, including the FT application.
USER ID SUSPENDED AFTER XX CONSECUTIVE BAD PASSWORD RETRIES
This setting specifies the maximum number of consecutive invalid sign-on
attempts before the local user ID is suspended. This prevents an unauthorized
person from trying to guess the password of a legitimate user by limiting
the number of invalid password attempts.
The recommended setting is “3”.
USER MUST CHANGE PASSWORD EVERY XX DAYS
This setting specifies the maximum number of days that operators can use
their password before they must change it.
The recommended setting is “30”.
VERIFICATION RULE
This rule sets the message verification requirement. This rule can prevent
the origination of unauthorized, and potentially fraudulent, messages
by requiring more than one person’s involvement in the generation of
funds transfer messages. The following options are available:
N – No restriction (Very high risk) – This option allows
the operator entering or updating a message to also verify the same
message. There is no dual control for funds transfers if this option
is chosen.
U – Verifying operator cannot be the last operator who updated
the transfer. This option prevents the last operator who entered or
updated a transfer from verifying that same message. It would allow
the original operator to verify the transfer if it was changed by
a second operator.
E – Verifying operator cannot be operator who entered or updated
the transfer. This option prevents any operator who entered or updated
a transfer from verifying that same transfer.
Note: Settings “E” and “U” will only apply if
the “Verify Thresholds” parameter is appropriately set to
$0.00 (or threshold amount approved by the Board of Directors and noted
in the minutes) for both accountable and non-accountable messages (see
“Verify Thresholds” under “Update Funds Application Attributes”).
This rule will affect all message types requiring verification including
funds transfers, large dollar check returns, and Treasury, Tax, and Loan
(TT&L) transactions.
The recommended setting is “E”; however, “U” is acceptable.
OVERRIDE AND RELEASE RULE
This field indicates the level of restrictions placed on overriding or
releasing transfers. Overriding or releasing a transfer potentially allows
users to bypass verification.
Only operators with the “Supervisory access” level have the
ability to perform the “Override” function. The following
options are available:
N – No restriction on “Override” or “Release”
– Any operator with the supervisor function access level can
override or release the verification of a transfer regardless of any
previous processing performed with the exception of messages that
have a status of “Queued for Transmission (TQ)” or “Marked
for Correction (MC).”
U – Limited restriction on “Override” or “Release”
– The operator overriding or releasing the transfer cannot be
the operator who last updated the message.
E – Full restriction – The operator overriding or releasing
the transfer cannot be the operator who entered or updated the message.
The recommended setting is “E”; however, “U” is acceptable.
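The N/U/E restriction used by both the verification rule and the override and release rule, and its dependence on the verify threshold, can be modeled as follows. This is an added example, not FedLine code: the Transfer record, the function names, the operator IDs and the inclusive threshold comparison are assumptions, and the TQ/MC status exception and the supervisory access check are not modeled.

```python
from dataclasses import dataclass, field
from decimal import Decimal

NO_VERIFY = Decimal("99999999999.99")  # threshold value the page says disables verification

@dataclass
class Transfer:
    """Hypothetical edit history of one message (not FedLine's record format)."""
    amount: Decimal
    entered_by: str
    updated_by: list = field(default_factory=list)  # operator IDs, oldest first

    def last_toucher(self):
        return self.updated_by[-1] if self.updated_by else self.entered_by

    def all_touchers(self):
        return {self.entered_by, *self.updated_by}

def needs_verification(amount, threshold):
    if threshold == NO_VERIFY:
        return False
    return amount >= threshold  # assumption: the comparison is inclusive

def may_act(rule, operator, t):
    """Apply the N/U/E restriction shared by the verification and override/release rules."""
    if rule == "N":
        return True
    if rule == "U":
        return operator != t.last_toucher()
    if rule == "E":
        return operator not in t.all_touchers()
    raise ValueError(f"unknown rule {rule!r}")

def verification_outcome(rule, threshold, operator, t):
    if not needs_verification(t.amount, threshold):
        return "not-required"  # E and U never get a chance to apply
    return "allowed" if may_act(rule, operator, t) else "blocked"

if __name__ == "__main__":
    # Constructed scenario: alice enters a transfer, bob later updates it.
    t = Transfer(Decimal("5000.00"), "alice", ["bob"])
    zero = Decimal("0.00")
    for rule in "NUE":
        for op in ("alice", "bob", "carol"):
            print(rule, op, verification_outcome(rule, zero, op, t))
    print("E, threshold 10000:", verification_outcome("E", Decimal("10000.00"), "alice", t))
```

With a $0.00 threshold, only setting “E” forces an operator who never touched the transfer to act on it; with a threshold above the transfer amount, the rule setting has no effect.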
USER ID WILL BE SIGNED OFF AFTER XXX MINUTES OF INACTIVITY
This timeout parameter minimizes the amount of time a terminal remains
active if a user forgets to sign off. It causes the system to revert to
the FedLine sign-on screen after a specified amount of time during which
no keystrokes have been entered at the PC (can be set between 0 and
999 minutes of inactivity).
The recommended setting is “10” minutes.
SUPPRESS THE CHECK FOR POSSIBLE KEYBOARD EAVESDROPPING
This feature allows the FedLine PC to detect whether another application
program is operating in memory simultaneously with the FedLine software.
If another program is detected, the FedLine PC will issue a warning message
that another program has been detected and will suspend operation. The
following options are available:
No – Do not suppress monitoring for possible keyboard eavesdropping.
Yes – Suppress monitoring for possible keyboard eavesdropping.
The recommended setting is the default value “No.”
CYCLE-DATE ROLLOVER’S PRINT-DELETE OPTION
The cycle-date rollover process automatically deletes all unsent messages
that were queued for transmission since the last cycle-date rollover.
Prior to their deletion from the FedLine PC, each message is listed in
the cycle-date rollover report. The user may choose from two report options.
Full – The complete details and unabbreviated content of all unsent
messages are included in the cycle-date rollover report.
Summary – The details and content of each unsent message are condensed
into a single line summary and listed in the cycle-date rollover report.
In the event that full message details are subsequently needed, it
would then be necessary for the FedLine operator to refer back to
the paper audit report produced at the time of the transaction.
The recommended setting is the default value “Full.”
UPDATE FUNDS APPLICATION ATTRIBUTES
The FT application, “Managerial” function screen 96, allows
the LSA or staff assigned the FT “Managerial” access level
to update the funds transfer application attribute parameters for verification
thresholds, duplication of reference fields, and holding accountable messages
from transmission.
VERIFY THRESHOLDS
The “Verify Thresholds” field sets the specific dollar amount
threshold requiring verification for all outgoing accountable and non-accountable
funds transfer messages. Accountable funds transfer messages are payment
orders with an “Input Message Accountability Data (IMAD)”
key assigned at the time staff verifies them and queues them for transmission
(TQ status). Non-accountable funds transfer messages are administrative
in nature rather than payment orders. These messages are service messages
that typically do not contain funds transfer dollar amounts. However,
non-accountable messages may contain instructions modifying or correcting
prior messages designated accountable, including modifying dollar amounts,
routing, and account numbers.
Verification refers to designated fields that must be re-keyed by a second operator.
If the institution should decide to set the verification level at any
amount greater than $0.00, the board of directors should approve the amount
and note their approval in the board minutes. An amount of $99,999,999,999.99
in the “Accountable” and “Non-Accountable” threshold
fields indicates that there is no requirement for verification by a second
operator.
Note: The “Verification Threshold” settings for accountable and
non-accountable messages cannot be blank. The system requires a numeric
value or it displays an error message.
The recommended verification threshold setting is $0.00 for both accountable
and non-accountable messages, requiring the verification of all
funds transfer messages by a second operator.
OK TO DUPLICATE A REFERENCE FIELD
The “OK to Duplicate a Reference” field allows the system
to automatically check for duplicate reference numbers. The reference field can
be used to cross-reference FT messages to their corresponding source documents
when initially entered or updated. Depending on the setting selected,
this edit check can prevent the creation of duplicate transfer records
from the same source document. The following options are available:
N – Not okay to duplicate a reference field (check for duplicate
reference numbers).
Y – OK to duplicate a reference field.
The recommended setting is the default value “N.”
AUTOMATICALLY HOLD ALL ACCOUNTABLE MESSAGES FROM TRANSMISSION
The “Hold Accountable Messages” field provides an enhanced
control option, typically only used for an emergency or contingency situation,
which the LSA sets to automatically hold all accountable funds transfer
messages from transmission (including those with verified status). During
normal operations, verified accountable messages should be sent to the
Federal Reserve Bank host computer automatically for processing. Holding
all accountable messages may create a backlog of valid funds transfer
messages until released by authorized staff. Depending on the volume of
funds transfer activity, automatically holding all verified accountable
messages may not be operationally feasible and should only be used after
carefully considering the potential effect on operations. Staff members
assigned “Supervisor” access level within the FT application
are authorized to invoke the “Message Status Override” function
to release the held messages. The following options are available:
No – Do not hold accountable messages. Messages are automatically
queued for transmission.
Yes – Hold accountable messages, requiring staff with “Supervisor”
access level within the FT application to perform the message status
override function to release messages for transmission.
The recommended setting is the default value “No.”
UPDATE VERIFY FIELDS
The FT application, “Managerial” function screen 93, allows
the LSA or staff assigned the FT “Managerial” access level
to update the verification fields applicable for the FT application.
VERIFICATION FIELDS
The LSA, or other staff assigned FT managerial access, designates specific
funds transfer message fields that require verification by a second operator,
by placing an “x” in each field requiring verification. Verification
can range from requiring verification for all fields to not requiring
verification of any field. If the fields do not have an “x,”
the second operator does not have to re-key any information; however, a
second operator would still have to provide sight verification before
releasing for transmission to the Federal Reserve Bank.
The recommended verification fields setting should be verification of the
dollar amount field, at a minimum. However, the financial institution
can strengthen dual control with each additional field requiring verification
so it should also consider requiring the verification of account number,
routing number, etc.