Beyond the rate

Best practices to protect financial data from cybercrime

As we discussed in our last post How to protect clients’ personal and financial data, staying on top of the latest tactics that cybercriminals are using to steal financial information is necessary when conducting business in today’s increasingly digital marketplace.

Knowing what’s happening online is a great first step, but it’s not enough to simply develop an awareness of the risks of cybercrime. It’s important to also have plans in place to enact the latest digital security measures based on industry best practices.

5 data security best practices

The business of savings and investments is moving into the digital age, and there is no denying the importance of maintaining a presence and conducting business online. With the move to digital tools by financial professionals comes a need for new layers of protection to help keep clients’ data safe.

Here are five data security best practices for you to keep in mind.

1. If personal data isn’t absolutely required, don’t collect it: The less personal information that you have collected and stored within your systems, the less cybercriminals will have the opportunity to access in the unfortunate event that your other security safeguards fail. Before requesting sensitive personal information from a client, consider whether it is necessary to meet the stated purposes of collection, and, if it is, determine whether or not an electronic form is the best means of collection.

2. Don’t use email to send financial or account information: Email is a quick and convenient way to communicate, but it is not a secure method to transmit sensitive personal or financial details. When an organization makes it clear to clients that it will never use email to request sensitive account information, the chances that a phishing email to clients will succeed are reduced.

3. Implement strong password protocols: Strong password protocols help to slow cybercriminals down. By requiring the use of complex passwords, e.g., ten or more characters with a combination of numbers, symbols, and upper- and lower-case letters, and by mandating regular changes to those passwords, would-be data thieves may choose to move on to an easier target.

4. Keep security tools updated: Ransomware is malicious software that encrypts system files until the victim pays a ransom to restore them, The threat of it should be enough to prove the value of a robust antivirus program, but as cybercriminals constantly work to exploit the vulnerability of outdated security tools, ensuring the tools used by your firm are up-to-date is crucial.

5. Physical security still matters: All this talk of cyber-risk may lead one to wonder if physical security still matters. The answer is yes, it does. Any digital security measures should be over and above physical safeguards which could include securing entranceways, using access controls like security badge scanners for non-public areas, and implementing a clean desk policy.

Safeguarding your clients’ financial data is not just a hallmark of providing good customer service. Recent high-profile private and public sector data breaches have brought the risks of inadequate data protection in the financial services industry into sharp focus. If your clients aren’t already asking questions about the measures you have in place to protect their data, you can be sure they are going to start soon!

Stay tuned for the next edition of Beyond the Rate, in which we’ll help you to better understand ways to attract and retain your clients by providing an exceptional customer experience.

 

The information, materials and opinions contained in this Blog are provided for your information only. This Blog does not constitute legal, financial or other professional advice and you should not rely on it as an alternative to specific advice based on your particular circumstance. This Blog contains links to third party websites. These links are provided for information and convenience; Home Trust does not endorse the content of any third party website, and it makes no representation or warranty as to the information on such third party sites. By clicking on any link to a third party site, you leave the Home Trust website and do so at your own risk. Home Trust disclaims all liability for any damage or loss that results from your access to or reliance on information contained in this Blog or any third party site.</p

We welcome your thoughts on this blog feature. Please email your comments to beyondtherate@hometrust.ca

Share Article