Best Practices

woman a tworkstationThe following Best Practices are intended to facilitate accurate, efficient, and secure communications, and ensure compatibility in technology and software for both CU*Answers clients and our vendor partners.

These are intended to be guidelines to allow for smooth and accurate processing. Although exceptions are sometimes made, we will not compromise on issues that involve security and safety of our network and the critical data it protects. For protocols, equipment or connectivity that deviate from these guidelines, be aware that you may incur additional programming and setup costs in order to ensure our strict security requirements are met.

Because technology is constantly changing and evolving, so will these guidelines. For CU*Answers clients, always check here first when considering a new vendor or interface. Choosing a vendor that already adheres to these guidelines will save your credit union time and money and make for a smooth implementation.

For lists of vendors for specific interfaces, such as ATM switches, OTB vendors, or loan form providers, please see Project Management.

CU*BASE Network, Hardware, and Training Specifications
Preparing Your Network For CU*BASE GOLD and requirements for training sites

Certifying a New Operating System
This document outlines a typical set of procedures used to evaluate a new Microsoft Windows operating system for use with CU*BASE GOLD and its related software tools.

Changing CU*CheckViewer Passwords
Guidelines for the password that is used to gain access to the CU*CheckViewer application and view electronic images of cancelled member checks.

Communications Protocols For File Transmissions
For Files from Third-Party Vendors (Drafts, ATM, Payroll, etc.)

CU*CD Password Guidelines
Rules for creation of passwords in order to maintain a high standard of security.

File Format Specifications For Files From Third-Party Vendors
(Drafts, ATM, Payroll, etc.)

Integrating Third Party Applications with CU*BASE GOLD
These guidelines are designed to assist credit unions who would like to link CU*BASE GOLD to third-party applications.

Recommended CU*BASE Security Access for Neighborhood Mortgage Solutions (NMS)
Guidelines for CU*BASE Employee Security settings that CU*Answers recommends for interactions with a third party servicer, in this case Neighborhood Mortgage Solutions (NMS).

Release of Unencrypted Credit Union Member Information
Guidelines to address situations where a client requests release of unencrypted member information (such as monthly reports or statements) via any medium (such as CD-ROM, diskette, plain-text email, printed reports, etc.).

Secure Document Exchange with It’s Me 247
Pertaining to the exchange of, or request for, secure documents between It’s Me 247 and third-party IP vendors or home banking providers.

Self Processor iSeries Specifications
Preparing iSeries For CU*BASE

Single Sign On (SSO) Integrations with CU*Answers Tools
Single Sign On (SSO) integrations allow a member (or CU employee) to authenticate once, and from there click a simple link to access separate websites and tools without the need to remember or type user names and passwords over and over again.

Supported Media Types
For CU*BASE Conversions and Other Vendor Interactions

Network Security

Maintaining the confidentiality of clients is paramount to success, and the security of a network influences most other aspects of an organization. These documents give an overview of how to achieve a secure network.

Network Security Precautions at CU*Answers
Maintaining system integrity and security is a top priority at CU*Answers. Significant effort is made in establishing and maintaining a secure infrastructure.

Secure Data Exchange Integration Form
This form should be filled out by the requestor and submitted to cryptoapi@cuanswers.com via PGP encrypted e-mail. The public key for cryptoapi is available for download at Idap://keyserver.pgp.com.

Secure Data Exchange with CU*Answers’ CU*CheckViewer
Data must be kept confidential, proper authentication mechanisms must provide non-repudiation, and integrity checks must ensure the data has been unaltered in transit.

Updated
July 6, 2023