Cybersecurity is a growing concern for governments and businesses as criminals look to steal everything from trade secrets to banking passwords. For financial advisors, a robust cybersecurity solution is especially important since they control important financial accounts on behalf of their clients.
Here are three top tips on how to avoid a cyber-catastrophe by protecting data, using secure connections, and ensuring all loose ends are tied up. (For related reading, see: 7 Cybersecurity Tips for Financial Advisors.)
Use a Secure Connection
The widespread availability of free downloadable programs designed to hack WiFi passwords has made breaking into corporate networks and computers easier than ever. When laptops connect to free WiFi at coffee shops or libraries, accessing sensitive data becomes child's play. Sometimes, it’s simply a matter of opening up a folder that someone is unknowingly sharing through Apple’s AirDrop or Microsoft-supported programs like SHAREit.
These problems can be avoided by securing corporate WiFi connections and ensuring that proper security measures are taken when using public WiFi.
When it comes to corporate networks, routers should be set to use WPA2 encryption and a strong, difficult-to-guess password rather than the less-secure WEP encryption and easy passwords. A password generator is often the best way to create secure passwords. Those wanting more security can also buy WiFi blocking panels to limit signals to the office. (For related reading, see: SEC to Advisors: Implement Cybersecurity Plans.)
When using public WiFi, consider using a VPN like SecurityKISS to encrypt traffic and make it more difficult for criminals to intercept. It’s also a good idea to ensure that shared folders and devices — like printers — are disabled. Finally, there are a number of browser extensions that are designed to protect against session hijacking, like Disconnect.me. Users should always use HTTPS connections for important transactions.
Secure Important Data
Cybersecurity experts agree that any device connected to the Internet is vulnerable to attack by criminals regardless of the security installed. As a result, the only surefire way to protect data against an attack is to disconnect it from the Internet. Workers who need information to be accessible online should use secure cloud storage services like Tresorit that provide AES256 bit end-to-end encryption and hold data in Swiss and EU data centers.
Some companies may also want to consider isolating sensitive customer data on an internal server that’s disconnected from the Internet and can be accessed through secure means. These practices can be especially helpful when storing archived customer data for compliance reasons — data that doesn't need to be accessed on a regular basis.
Finally, it’s important to keep laptops, mobile devices, and USB drives secure in the event that a theft takes place. Apple’s FileVault and Windows BitLocker both provide whole disk encryption that prevents unauthorized access if a laptop or computer is stolen. Many USB drives come with similar encryption that renders the information inaccessible by thieves. (For more, see: Financial Advisors Are Feeling Cyber-Insecure.)
Get Outside Help
A final step in avoiding a cyber-catastrophe is getting some outside help from a computer security firm. After all, secure connections and devices are useless if they aren’t properly configured.
These firms, by setting up guidelines for all employees to follow to put security first, can also help ensure that individuals aren’t putting data at risk by mixing home and business data or using weak passwords on linked accounts. Training seminars and other events can help reinforce these practices to make a cyber-catastrophe far less likely.
The Bottom Line
Cybersecurity is a growing concern for all entities as criminals look to steal everything from trade secrets to client account passwords. Financial advisors can avoid cybersecurity problems by using secure connections when accessing information online, securing important data from theft, and getting outside help to ensure everything is set up properly. Doing all this could very well help these professionals avoid a cyber-catastrophe. (For related reading, see: Educating Clients About Cybersecurity.)