Firms work with investors to mitigate the risk of hackers retrieving sensitive financial and personal information.
When investors seek professional advice about their portfolios, they also want to be assured that their financial and personal information is protected from cybercrime. If wealth advisory firms violate this trust, investors and clients may decide to do business elsewhere. How can wealth advisory firms help protect their investors’ accounts from cybercrimes and fraud? Jeff Kennedy, Executive Vice President & Chief Information Security Officer at Regions Bank in Birmingham, Alabama, offers these tips:
1. Address the Fundamentals
Keep your computer’s software, including security software, up-to-date and apply updates promptly. Limit employee access to just what they need to do their jobs and require them to use strong passwords to access the network. Assess customer-facing systems regularly to ensure they are secure against the latest threats.
2. Don’t Rely on One Control to Stop Cybercrime
One level of cybersecurity isn’t enough to defend against hackers. To keep threats at bay, deploy security controls across workstations, servers, and the network to provide an overlapping view and protection of your environment.
3. Limit Employees’ Nonbusiness Use of the Computer System
Using the company computer system for non work-related tasks can increase the risk of cyber threats. Employees should not install software, visit nonbusiness websites, or check their personal email on their work computers.
4. Require Customers to Log In to a Client Portal to Retrieve Sensitive Communications
Sending statements or sensitive communications directly to customers’ emails can make their accounts more vulnerable to cybercrime. To minimize cyber threats, require customers to log in to a client portal to obtain their financial information and create strong password requirements for their accounts. Customers may find this to be a nuisance at first, so explain how these extra security measures will help protect them.
5. Educate Customers About Cybersecurity
Customers must do their part to protect their accounts against cyber threats. Send newsletters and offer in-person training sessions to help clients understand the risk of cybercrime and steps that can be taken to mitigate their risk.