In an age where privacy is essential, clients depend on you to keep their information safe. For financial professionals, data security should be an ongoing conversation. Without it, you risk compromising confidential information and losing your client’s trust. To stay worthy of that trust, here are five practices to incorporate into your daily routine that improve data security:
1. Collect and store only essential information.
A Data Breach Investigation Report from Verizon concluded that 71 percent of all cyber-attacks are financially motivated. One prevention tactic is to only hold onto essential data. It’s easy to fall into the trap of storing data we don’t need. Whether the information came to us through a client document or report—those names, addresses, account numbers and client details are open to compromise. If you have documents with PII, make sure they are stored in your firm’s compliant books and records. If anything was emailed securely, be sure to delete it from your inbox once properly stored.
To assess whether you should keep a document, think about the following:
- Do I need this data to perform a specific task?
- How will I use this data?
- Is it necessary to keep this data to perform specific tasks?
In many cases, you only need a portion of the data you have on hand. It’s best to keep the minimum amount of information—and safely dispose of the rest.
2. Use two-factor authentication and strong passwords.
This tip might seem like a no-brainer, but password protection is one of the easiest ways to prevent a data attack. Set aside time to reevaluate your password strategy on your devices and start with these three tasks:
- Diversify your passwords (and make them strong). Instead of using the same password and a million variations of it, diversify your passwords for protection. The longer, the better—and don’t forget to use plenty of numbers, symbols and phrases. Use a secure password manager if you’re worried about remembering your passwords.
- Establish two-factor authentication. Whether you use Face ID, fingerprint scan, text messages or an additional email address, all your accounts and log-ins should include a two-factor authentication system. Creating a second barrier to your data decreases the chances that others can access it.
- Use passwords to protect your documents. Even though it might seem excessive, add passwords to individual documents with sensitive data. All those extra layers of protection are ideal for client information.
3. Maintain your security systems and software.
When your computer or IT team says it’s time to update your security system, don’t hit snooze on the notification (even though we know it’s tempting). Keeping your data protection software up to date is essential because developers constantly modify their code to protect against new threats or breaches. Without those updates, your data remains susceptible to attacks.
4. Limit who can access your information.
Even if you can control your own security practices, you can’t control the security of others. Limit who you share documents, reports and client information with and make sure your client understands who may have access to their data. In some cases, you may need to share information with collaborators temporarily—make sure the document is password protected, and you can change permissions at any time.
One of the best ways to ensure information is locked down (and only viewable by the appropriate parties) is to leverage the help of a CRM or DOI-compliant storage system. These tools take the guesswork out of keeping your files safe and offer regular support from the provider’s customer service to resolve problems.
Stay Trustworthy with Data Protection Practices
Remember, as a financial professional, trust is foundational to your client relationship. Maintain these basic financial data security practices to help improve your chances of beating a cyber-attack. Your clients will have peace of mind that their information is with someone they can trust. Contact our team today if you want to learn more about Concorde, our security practices or our financial professionals.
This is for informational purposes only.
Securities offered through Concorde Investment Services, LLC, member FINRA/SIPC. Advisory services offered through Concorde Asset Management, LLC, an SEC-registered investment advisor. Insurance offered through Concorde Insurance Agency, Inc.