Six habits that protect your money without making banking inconvenient.
Banks have very strict internal rules about how their staff use online banking. Most of them transfer cleanly to personal use without making banking harder. Six habits below — they take five minutes to set up once and pay off every time you check your balance.
Pick the device you trust most — usually your home laptop or your personal phone — and never use anything else for banking. Don't bank from a shared family iPad, a work computer, or a hotel-lobby PC. The fewer places your banking credentials are typed, the smaller the attack surface.
Bank apps are sandboxed by iOS and Android, harder for malware to read, and use biometric auth (face / fingerprint) by default. Browser banking is the legacy path and is genuinely less safe. If your bank has an app, use it; install it from the official App Store / Google Play, not from a link.
If your bank emails you about anything that requires a login, do not click. Open the app, or open a new browser tab and type the bank's address yourself. The single most common bank-credential theft happens through emails that look perfect.
In the app's settings, enable push notifications for: any login from a new device, any payment over $50, any change to your contact details. The whole point is that if a criminal logs in, you find out within seconds — not at the end of the month.
Most banks let you cap the maximum you can move in a single day. Set it to roughly what you'd realistically transfer in normal life — $5,000 is enough for most personal banking. If a criminal does get in, the limit caps the damage.
On the browser, click Log Out when you're done — don't just close the tab. On the app, lock the phone immediately after. Modern banking sessions can stay alive for hours; an active session is what an attacker who steals the device exploits.
Banking safety overlaps heavily with card safety and phishing. Read across.
Business banking is usually the highest-value target a criminal goes after. whedo.it reviews how your business banks — devices used, who has access, signing limits, supplier-payment process — and tightens it without changing how you work.
A Support Representative will get in touch.
A Support Representative will be in touch the same business day.
No deck, no pitch — walk your environment with a senior Australian practitioner. Confidential by default.
I built this business because I wanted to do Managed services properly — for a small number of clients, at a senior level, with the same person on the end of the phone every time. The work is too important and the stakes are too high for anything less.
Behind the formal qualifications: a Cyber Security degree from the University of the Sunshine Coast, currently working on my Master’s, plus a continuous stack of Microsoft, Acronis and Nerdio certifications — the ones that have to be renewed because the threats don’t stay still.
Behind the certifications: thirty years of doing the work. I cut my teeth in consulting, then went to Cisco on the team building the original iPhone — Cisco’s VoIP handset, the trademark Apple later acquired in the 2007 settlement. At TPG in 1999 I sold frame-relay networks when frame-relay was the cutting edge of business connectivity. I built and sold a Sydney-based MSP called Online IT before relocating to Perth.
Three decades of watching what’s actually changed and what hasn’t. The technology has changed almost beyond recognition. The principles haven’t. Identity first. Backup that has actually been tested. A senior practitioner who knows your environment. Calm in an incident. Honest answers when the answer is “no.”
That’s whedo.it. That’s the brief. That’s why long-tenure clients don’t leave.
— Warren Ephron, Director