In a recent article in the Journal of Financial Planning, Bill Winterberg highlighted a number of pitfalls that advisors commonly fall into and that expose sensitive client data and information to hackers and phishers. By falling into these pitfalls, advisors unknowingly become the tool of the fraudster.

Winterberg noted that the following practices should be given a lot of attention:

  1. How strong are the passwords on all of your electronic devices?
  2. Are you using passwords on PDFs? There are inexpensive programs that can easily decode these passwords.
  3. Are you sending sensitive client information via email? If you need to use email, consider a secure email service.
  4. Do you give employees guidance about only browsing secure websites, such as those that use https:// connections or secure connections using SSL or TLS protocols?
  5. Don’t get lulled into the trap of sharing information through social media sites.
  6. Are employees in sales, finance and procurement being well-trained on data security? Studies show that employees in these positions are a focus of cyber-attacks.
  7. Have you planned for a data breach? The question is not whether you will be attacked, but when.

These points should certainly kick-start a critical self-analysis. Do you have a password policy that requires passwords of a certain length and characters? How is sensitive client information sent to your clients? Are your employees being trained sufficiently so that they are not used as a hacker’s pawn?

If you do not have robust answers to all of these questions, it is fair to say that you have placed your firm and your clients’ sensitive information at risk. Although we may all be victims of a breach at some point, put the odds in your favor and minimize the damage, if any.*

* photo from freedigitalphotos.net