In addition to our standard security controls, Boston Private recommends that you consider the implementation of the following business and technology security practices to further mitigate the risk of online fraud.
Setting a blanket limit for daily Wire, and ACH/Tax. Current limits are not date specified.
Require dual control for Wire, ACH/Tax payment transactions.
Ensure the authenticity of all Wire/ACH and other money transaction requests – originating from within your organization, especially those in the form of e-mail which can be compromised.
Assignment of user entitlements should be minimized and given only to those necessary individuals.
Accounts should be reviewed and reconciled at least daily to detect any unauthorized transactions.
Require separation of duties, dual controls, etc., over file and transaction creation, submission, and verification/reconciliation.
Consider not allowing or strongly discouraging access to Boston Private’s Online Banking System from home computers.
You will be required to enter a strong passcode with a minimum of 8 characters that will include at least a letter, a number, and a special character, and is case sensitive. You will not be able to use a dictionary word, and if the passcode is deemed to be weak, you will be required to enter another passcode. Passcodes should never be shared, written down or stored on the computer. Consider changing the passcode a few times each year. Avoid using automatic login features that save your username and passcode.
Always completely log out from your Online Banking session. To properly close out the browser session, clients must click “Log Out”.
Enable a password protected screensaver after a short period of idle computer inactivity. This protects against an unattended computer with an established session where the client has left the PC for some period of time.
Boston Private offers Online Banking protection software from Trusteer, a leader in online security, free of charge. Trusteer Rapport helps to prevent fraudulent activity within your computer’s browser when using our Online Banking System. Once downloaded, Trusteer Rapport will:
E-mail over the Internet is inherently insecure. Adopt the following practices to help minimize the risk of being the victim of fraudulent e-mail scams:
Install a dedicated, actively managed firewall. A firewall limits the potential for unauthorized access to a network and computers. Enable logging of outbound connections to control and monitor traffic leaving your company’s computer network. At a minimum, log outbound traffic to the Boston Private Online Banking Website and maintain each log for at least one month.
Use current versions of the operating system and applications on your company computer(s) and ensure that security patches are up-todate. Most major software companies regularly release updates or patches to their software or operating systems to repair security problems. Some companies, such as Microsoft, offer you the ability to automatically receive these updates. All other vendor software updates can typically be found on their website.
Computer security programs including firewalls, anti-virus programs,, and anti-spyware programs should be kept current. Ensure that your company computer(s) have anti-virus and antispyware protection and make sure these programs are updated regularly. Also, scan your computer(s) for viruses and spyware at least once per month.
If you use wireless networking, secure the network with the practices listed below to reduce the risk of being hacked by a wireless intruder:
Do not download or run software from unknown sources. This applies both to software available on the Internet and sent via e-mail. Installing software from unknown sources increases the probability of installing malicious code or accepting computer viruses. Limit administrative rights on your computers to prevent the inadvertent downloading of malicious software or other viruses.
You are leaving the Boston Private website. By clicking "Continue" below, you will enter a website created, operated, and maintained by a private business or organization. Boston Private provides this link as a service to our website visitors. We are not responsible for the content, views, or privacy policies of this site. We take no responsibility for any products or services offered by this site, nor do we endorse or sponsor the information it contains.