10 Information Security Tips to Protect Your Clients and Your Business

Posted by Sean Mackey

October 18, 2016 at 10:00 AM

Technology certainly makes life easier, but it has also introduced a host of new threats to the security of our personal information. Since October is National Cyber Security Awareness Month, we thought it would be an ideal time to share 10 information security tips to help protect your clients and your business.

1) Use a Password Manager

How many passwords do you have for your online accounts? (Hint: The average American has 130 online accounts!) Writing them all down is not a recommended solution. Instead, password managers offer an easy way to protect your online identity. These programs store your credentials in a single, secure place—like the cloud—and can be accessed via browser extensions or desktop and smart device apps. Want to learn more? Check out my recent post here.

2) Enable Multifactor Authentication

Multifactor authentication is one of the hottest phrases in the world of cyber security—and for good reason. Rather than relying on a password alone, this feature requires you to provide two forms of identification to log in to an account. This often comes in the form of a PIN that’s sent to your phone or a USB drive that acts as a second “key.” By enabling this security feature when available, you’ll have two safeguards in place, which can go a long way in helping upgrade your online security and protecting important personal information.

3) Vet Your Vendors

Your clients rely on you to protect their sensitive information, and it’s your responsibility to perform due diligence when evaluating any vendor that will have access to such information. To make an educated choice, you need to know whether vendors’ network security meets industry standards, how they handle physical security, if they have effective controls in place to ensure privacy and confidentiality of data, and much more. To find out all the questions you should be asking, read our post on vetting that vendor.

4) Replace Outdated Computers

Although it can be expensive, if you’re using a desktop or laptop that is more than five years old, you should consider replacing it. Why? Many crucial security updates will not work on older machines. By working on new, fully capable hardware and software, your confidential data will be better protected by the most secure operating systems, web browsers, and applications.

5) Create Strong Passwords

As I mentioned earlier, you have a lot of passwords to keep track of. So, what exactly do I mean by strong? I mean passwords made up of at least eight characters, combining upper- and lowercase letters, numbers, and symbols. Still not sure where to begin? We’ve got some tips that might help.

6) Properly Dispose of Sensitive Information

From a security (and environmental) standpoint, e-waste disposal needs to be performed with care. So before recycling or disposing of your old computer—which may contain years of e-mail, document, and image files—first remove all the data. You can do this yourself, using tools like DriveEraser, or find a legitimate firm that can properly and securely process e-waste.

7) Install an Enterprise-Level Firewall

Some experts believe that the number-one tool for preventing a cyber attack is a strong, enterprise-level firewall. You might think of this hardware as the moat around your business’s castle of information. Placed between your network and the outside world, a strong firewall vastly increases the difficulty of breaking in.

8) Develop Information Security Policies

In 2016, the SEC has been conducting exams of broker/dealers and investment advisers of all shapes and sizes to evaluate their information security policies and procedures. This highlights the importance of developing such policies for your business. Further, by ensuring that every member of your office follows the same prudent guidelines for protecting any sensitive information, you can add a valuable layer of protection against would-be criminals. So from document/CD shredding, to end-of-day procedures (e.g., locking file cabinets, turning on alarm systems), to office visitors like vendors and cleaning crews, be sure to document how every process should be handled.

9) Encrypt Your Data

If your data falls into the wrong hands, you want to make sure it’s unusable or unreadable; that is, you want to make sure it’s encrypted. Keep in mind that data backed up on external hard drives or thumb drives can be particularly vulnerable. Although many of the drives currently on the market come pre-encrypted, if you have one that isn’t, you might consider using a product like Symantec Drive Encryption to safeguard your data.

10) Install Anti-Malware Software

Malware is a major source of cyber theft, not to mention the headaches it can cause computer users. Strong, frequently updated anti-malware protection can help keep your computer clean and safe. This software will help identify and quarantine risks before they spread throughout your network and compromise your clients’ sensitive data.

What other strategies do you use to protect your personal information? Do you have information security procedures in place? Please share your thoughts with us below!


Topics: Information Security
