140 likes | 220 Views
Lessons Learned. Data and Asset Security FOCUS Spring 2006 Chuck Banner UVA-Wise. Primary Areas of Interest. Banking Credit Cards Cash Handling Web Based Transactions. Banking. Unauthorized Checking Accounts Recognized Student Organizations Student Groups Faculty Sponsored Groups.
E N D
Lessons Learned Data and Asset Security FOCUS Spring 2006 Chuck BannerUVA-Wise
Primary Areas of Interest • Banking • Credit Cards • Cash Handling • Web Based Transactions
Banking • Unauthorized Checking Accounts • Recognized Student Organizations • Student Groups • Faculty Sponsored Groups
Banking • Steps to take for unauthorized checking accounts: • Annually review with all local banks any use of tax identification numbers • Talk with student organizations about their options for handling their finances • Remind faculty members of the liabilities involved with improper use of tax identification number and the repercussions
Credit Cards • Where are they on my campus? • Who is responsible for them on my campus? • What has been done to properly monitor usage? • How are transactions being processed?
Credit Cards • Proper training of all areas which accept credit cards for payment • Working knowledge of PCI-DSS • Annual required training on PCI-DSS • Ensure compliance with college, university and Department of Accounts (DOA) policies and procedures
Credit Cards • Proper installation of terminals • Establish user codes to identify the user who processed the transaction • Require training of any new employee who processes credit card transactions • Conduct annual “reviews” of campus wide credit card locations
Cash Handling • Timely depositing of funds • Unauthorized “Petty Cash” funds • Departmental materials charges
Cash Handling • Ensure all areas which handle cash or checks are familiar with the depositing requirements • Some Examples: • An area holding deposits taken during spring orientations until summer • A professor collecting educational “trip” deposits and holding funds until the time to pay for the trip
Cash Handling • Keep your eyes and ears out for “Petty Cash” funds • Listen to students, faculty, and staff. You can learn many things. • Sometimes the guilty will tell on themselves. • Verify authorized petty cash accounts and amounts regularly
Cash Handling • Departmental “Materials” Charges • Look at departments that have consumable items • Once again listen to students
Web Based Transactions • Areas taking credit card transactions via the web seem to crop up overnight • When credit cards are being used the customer needs to know who they are dealing with
Web Based Transactions • Some questions need to be asked about these transactions: • Who authorizes areas to use a third party vendor to handle these transactions? • How will the college or university receive any funds collected? • How will you verify whom the funds are for and how they are to be applied?
Wrap Up • Questions or comments?