- How GRB Protects Your Information
- Online Transaction Safety
- Internet Explorer Vulnerability - 5/1/14
- Windows XP Support Discontinued - 4/8/14
GRB is committed to protecting the personal information of our clients. GRBonline uses several different methods to protect users' information, including multifactor authentication, secure tokens, and anomaly detection software. Additionally, all information within GRBonline uses the Secure Socket Layer (SSL) protocol for transferring data. SSL is a cryptosystem that create a secure environment for the information being transferred between your browser and GRB. All information transferred through GRBonline has 128-bit encryption; the highest level.
GRB will never request personal information by email or text message, including account numbers, passwords, personal identification, or any other confidential customer information. Fradulent emails may be designed to appear as though they originated at GRB. DO NOT respond to any email that requests personal or confidential information and do not click on any links in such an email.
If we contact you, it will be done in a manner that protects your personal information and we will clearly identify ourselves. If you contact us, we may ask verifying questions.
Federal financial regulators are reporting that Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls, and engaging in online account takeovers and fraudulent electronic funds transfers.
In order to ensure the security of your online transactions, we want you to know that:
- We will never email, call, or otherwise ask you for your username, password, or other electronic banking credentials
You can help protect yourself by implementing alternative risk control processes like:
- Making sure you choose an adequate user name and password that, at minimum, mixes in small case letters, upper case letters, and numbers
- Periodically changing your password (e.g.., at least every 90 days)
- Safeguarding your username and password information
- Having current anti-malware and anti-virus software
- Making sure you have a firewall in place when conducting your financial transactions
- Logging off the system when you're done conducting business (don't just close the page or "X" out of the system)
- Monitoring your account activity on a regular basis
In addition, we may require owners of commercial accounts to perform their own risk assessments and controls evaluations. For example:
Make a list of risks related to online transactions that your business faces including:
- Passwords being written down and left out in the open
- The use of old or inadequate passwords
- The possibility of internal fraud or theft
- Delays in terminating the rights of former employees
- The lack of dual controls or other checks and balances over individual access to online transaction capabilities
An evaluation of controls your business uses may include:
- Using password protected software to house passwords
- Conducting employee background checks
- Initiating a policy and process to terminate access for former employees
- Segregating duties among two or more people so no one person has too much access or control
- Conducting internal or third party audits of controls
- Using firewalls to protect from outside intrusion or hackers
Federal regulations provide consumers with some protections for electronic fund transfers. These regulations generally apply to accounts with Internet access. For example, these federal laws establish limits on a consumer's liability for unauthorized electronic fund transfers. They also provide specific steps you need to take to help resolve an error with your account. Note, however, that in order to take advantage of these protections, you must act in a timely manner. Make sure you notify us immediately if you believe your access information has been stolen or compromised. Also, review your account activity and periodic statement and promptly report any errors or unauthorized transactions. See the Electronic Fund Transfer disclosures that were provided at account opening for more information on these types of protections. These disclosures are also available from GRB - ask us and we will gladly provide you with a copy.
If you become aware of suspicious account activity, or receive any suspicious emails, you should immediately contact GRB at
Microsoft has released information on a zero-day vulnerability in versions 6 through 11 of Internet Explorer. This vulnerability, if exploited, would allow an attacker remote control of a workstation with the same rights as the user. An attacker would have to lure a potential victim to a malicious website to exploit the vulnerability.
Microsoft released a patch on 5/1/14 to correct the issue (Microsoft Security Bulletin MS14-012). GRBonline customers utilizing Internet Explorer are strongly encouraged to download and apply this patch.
As of April 8, 2014, Microsoft will no longer offer technical assistance or provide security updates for the Windows XP operating system. Given that security updates for Windows XP are no longer provided by Microsoft, it is expected that Windows XP computers will be increasingly vulnerable to viruses, malware, and other malicious software that can compromise your information.
Although GRB has security measures in place to protect your information, we advise that you do NOT use a Windows XP computer for online banking and upgrade to a newer operating system.