News Labels Iris.xyz

SEC Hacking Underscores the Importance of a Secure Cloud Platform

Posted by In the News No Comments

View on iris.xyz

When it rains, it pours. Shortly after the Securities and Exchange Commission (SEC) was the subject of a Government Accountability Office report stating that it must do more to protect its computer systems from cyber-attacks, the regulator announced that its EDGAR network suffered a security breach last year. The SEC originally didn’t believe that anyone’s personal information had been compromised, but later, after a detailed forensic analysis, the regulator discovered that the names, birthdates, and Social Security numbers for two people had indeed been exposed.

This series of events powerfully illustrates the rapid growth and expansion of the cyber threat. Even one of the most powerful federal regulators, responsible for setting and enforcing standards on cybersecurity for financial services firms, finds it challenging to stay one step ahead of cyber-criminals.

I did not write this article to criticize the SEC. The regulator’s staff members deserve praise for their commitment to consistently improving the security of sensitive financial information, and investment firms’ computer systems in general, across the industry. The point I’m making is that if even the SEC can fall victim to hackers, no financial advisory practice or other business, regardless of size, can afford to make light of the cyber threat.

In fact, small businesses are at higher risk of a security breach than their larger counterparts. Half of all businesses with 250 or fewer employees have been targets of cyber-attacks, according to the National Small Business Administration, and as Experian has reported, 55 percent of small businesses close up shop within six months of experiencing a security breach.

 

How Advisors can Ensure Client Data is Protected When Working Remotely

Posted by In the News No Comments

View on iris.xyz

Mobile devices have made it possible for financial advisors, and professionals in a wide variety of other industries, to seamlessly conduct business and engage with clients in any location, and at any time, outside the office. But while laptops, iPads, and smartphones have enabled advisors to complete work and collaborate with colleagues and clients from home and on the road, these mobile devices can also increase the risk of security breaches if they are not properly secured and monitored.

One misplaced or stolen mobile device, or password, is all it takes for hackers to access clients’ sensitive financial information. Advisory practices whose data is compromised can not only face regulatory scrutiny and fines, but also permanent damage to their reputations which could put their very survival in the industry in jeopardy.

However, advisors don’t need to sacrifice convenience for effective cybersecurity. Below are tips that advisors can follow to make sure all data, documents, and emails on their firm-approved mobile devices are secured against hackers.

1. Implement Multi-Factor Authentication & Other Security Controls on All Mobile Devices

Cyber-criminals, along with the technology systems they seek to infiltrate, are becoming more and more sophisticated. So, needless to say, it shouldn’t be easy for them to figure out a mobile device’s password. Unfortunately, hackers are quite crafty, so advisors need to add an extra layer of protection to their firms’ mobile devices by implementing two-factor authentication. This authentication process requires users to enter a standard password in addition to a one-time code that can’t be entered again when they connect from unrecognizable devices.

Advisors can further secure their firm’s mobile devices by rolling out security controls that enable certain authorized users, as opposed to all practice employees, to access client data. These controls ensure that only select employees can download, copy, forward, or print sensitive information from their devices.

3 Tips for Enhancing Your Firm’s Cybersecurity Readiness

Posted by In the News No Comments

View on iris.xyz

After witnessing massive cybersecurity breaches at companies such as Adobe, Target, Home Depot, Sony, Experian and JPMorgan over the past four years, wealth management firms, like members of many other industries, have ramped up efforts to protect sensitive client information from hackers.

I work with financial advisors, family offices, broker-dealers and asset managers across the U.S. to create cybersecurity and IT solutions that meet their business and compliance needs, and based on what I have seen, many wealth managers do have solid cybersecurity measures in place.

The problem isn’t that they don’t have a cybersecurity plan—the problem is that not every staff member follows all the steps in the cybersecurity plan, or even knows to do so. This is important, because during SEC regulatory audits, the examiner doesn’t just want to see that you have all the necessary tools to protect sensitive financial information. They also want to make sure you and all your team members actually know how to use them, and regularly test them.

Below are three tips on best practices for enhancing your firm’s cybersecurity readiness to protect your clients’ sensitive financial data as the threat of cyber-attacks continues to increase.

1. Universal Adherence is Key
In this day and age, all it takes for your firm to experience a reputation-damaging and costly data breach is one employee losing a company mobile device that isn’t password-protected. To truly protect your clients and your firm, all cybersecurity procedures must be followed by every employee.

I can’t tell you how many times I’ve heard an advisory firm’s chief compliance officer or chief IT officer say, “Well, we tell people to do something, but so and so is a managing director and he doesn’t want to do it, and we can’t force him to do it.”

This excuse won’t pacify investors when their personal information is stolen by hackers. It won’t pacify SEC examiners during audits either.

Unfortunately, I’ve seen more than a few 40-person advisory firms where 38 employees utilize two-factor authentication to protect their devices. More often than not, the two holdouts who refuse to use two-factor authentication are senior advisors who wind up putting the entire company, and all its clients, in jeopardy, because they have access to everything in the system.

Cybersecurity processes need to be universally followed across your organization in order to be effective. Your cybersecurity protocols are rendered ineffective if even one person ignores them.

The Future of Wealth Management Will Hinge on Technology

Posted by In the News No Comments

As society continues to embrace digital trends, it seems that the future of wealth management will hinge on technology. Beyond attracting Millennials, either as investors or fellow advisors, keeping current with tech trends will allow you to stay ahead of the market and protect your firm.

As stated by Mitchell Caplan, “Advisors who manage more assets and generate more revenue spend substantially more on technology and adopt technology into their practice at twice the rate of the average advisor.”

How can you reach this return? The following 6 areas of emphasis provide ample opportunities for you to analyze and implement technology for your practice in an effort to keep current with the ever evolving landscape of digital utilization for financial advisors.

Read  more at iris.xyz