The theory is that, if the “online banking only” computer is only used for online banking and nothing else, the computer is less likely to be infected with viruses, key loggers, and other malicious software.
Having two computers comes at a huge cost to convenience for the people in your office that need to perform online banking. That means they need to have two computers at their desk. They could use a KVM switch to use their same keyboard, monitor, and mouse to switch back and forth between the computers.
Your IT professional might be willing to set up a virtual machine on the regular machine to use for online banking, but IT will still need to keep that virtual machine current with patches and protected with anti-virus. The end-user may become confused using the virtual machine and reject the idea completely.
Controls would probably need to be put in place to limit access to banking web sites to the single machine so no employees ever “cheat” and use their own workstation to access online banking.
On a positive note, an inexpensive computer would be more than enough to handle the online banking, and there are tools like Microsoft’s Microsoft Steady State and Deep Freeze (http://www.faronics.com/html/deepfreeze.asp) that can help lock the machine down to a single purpose and help protect from infections.
Do you dedicate a single computer for your online banking tasks? What is your response to the ABA’s advice? Please add your comments to the blog.