Cybersecurity is a topic you often hear about but don’t pay attention to. More of the finance world is going digital. As this happens, cybersecurity for financial advisors is critical to protecting you and your clients. As their financial advisor, you have an obligation to protect their personal data. In a world that’s plagued by data breaches it can seem like there’s no way to fulfill that obligation. You can’t control how third-party services secure their data, but you can take steps to protect yourself and your clients.
One of the easiest ways to thwart would be criminals is to use a strong password. Easy to guess passwords leave you open to brute force attacks. The danger increases if you use the same password for multiple accounts. It’s best to avoid creating passwords that contain any of the following:
- Your name or the name of an immediate family member
- The word “password”
- Sequential letters or numbers such as ABC or 1234
- Information that’s easy to pull from social media
A good password is at least 10 characters long. It should contain a mix of upper and lowercase letters, numbers, and symbols (if they’re allowed). Another option is to use passphrases as their complexity makes them harder to guess. A passphrase is a sentence or phrase used as a password, and it should follow the same rules as a standard password. Once you have a secure password, enable 2 factor authentication (2FA) on all accounts that offer it. Enabling 2FA means that your account requires additional verification for someone to log into it. Verification works by sending a code via text, email or phone call. Other ways of issuing codes include app push notifications, and third-party authenticator app.
Cybersecurity doesn’t end with passwords. Another way to protect yourself is to avoid falling victim to social engineering attacks. Social engineering attacks use deception to get a victim to divulge sensitive information. A good example is harmless looking social media games that require personal information to play. These games ask for the same information used to answer security questions. Social engineering can also be someone calling you and pretending to work for a company. The caller may ask for your account password or other details. Most companies won’t ask you for passwords or verification numbers that they send as a part of 2FA.
Phishing is another kind of cybersecurity threat. It’s similar to social engineering in that it uses deception to obtain sensitive details. Phishing attempts can be emails or texts that appear to be from a trusted source. Those emails and texts contain harmful links. The links may download malware to your device, or they can take you to a website that’s used to steal your information. You can protect yourself from phishing by not opening emails, documents or links that you don’t recognize. It’s best to contact someone directly if you receive a strange message from them. The same applies to documents or files that you weren’t expecting.
Protecting your clients data is non-negotiable because they trust you. The best way to protect them is to protect yourself so that cybercriminals can’t use your access to harm your clients.
Learning about cybersecurity for financial advisors is just one of many aspects of running a safe and successful practice. For free resources to improve your business acumen and grow your practice, fill out the form at advisorwealthmastery.com.