A CIO’s Security Tip for Financial Advisors
Aware of the potential threats, financial advisers are increasingly utilizing security awareness training for employees, as well as better technological controls, to protect their data.
Indeed, security awareness training ramped up in recent years among FSIs large and small, as a means to prevent cyber-intrusion — particularly as many struggle with infrequent customers access and hold very critical financial data. We believe the paramount risk factor is that financial advisers are also often given access to an FSI’s overall backend financial systems.
Shalom Carmel, GlobalDots’ chief information officer, explained to SC Magazine:
“The biggest risks financial advisers have is the exposure of customer data and of customer access credentials to third parties. The fact is that computing devices belonging to financial advisers are at least as likely to be attacked and compromised as devices belonging to other professionals.”
To this end, Carmel recommended that financial advisers large and small should “encrypt the customer data at rest, use secure channels of communications, use strong authentication methods, have malware detection measures, and separate work environments from home usage,” especially recently with so many more employees working from home.
Carmel recommends that financial advisers have a “dedicated work computer,” to which no one else in their family has access, an encrypted hard disk, a commercial antivirus protection system, strong password and secondary authentications, and the use of a VPN. “Having said that, the most important effect will be by regulation,” says Carmel. “Until the regulatory bodies catch up with the 21st century, too many independent financial advisers will continue to ignore the most basic security measures.”