As you know, one of the “big four” credit reporting agencies, Equifax, announced in September that they had experienced a security breach resulting in criminals accessing personal information of approximately 143 million Americans between May and July of this year. With this recent breach of personal information, you are probably asking yourself, “How can I protect my client’s personally identifiable information?”

If you are affiliated with a broker-dealer, you most likely utilize proprietary systems which are heavily encrypted and closely monitored by trained staff to identifying any potentially dangerous applications or intrusions. As an authorized user of these systems, it’s imperative that you follow the broker-dealer’s security procedures.

However, what about your own firm’s systems which include hardware and software? Here’s important information and ten steps to follow to increase your firm’s cyber security.

1. Never allow unauthorized individuals or companies access to your computer. One method hackers use to gain entry to protected systems is through remote access. Authorizing an individual or company, other than your broker-dealer, remote access to your PC is very dangerous.
2. Never leave passwords written near your PC. If you need to keep track of passwords, utilize (?)
3. Establish a firm policy for the creation of passwords that requires each password to include an uppercase letter, number and character. Also make it policy for each employee to change their passwords quarterly or more.
4. Do not allow the use of public WI-FI hot spots. Using public WI-FI hot spots means your internet is insecure and someone can easily capture your information. Require all remote WI-FI access through a WPA2 Encryption Key.
5. Require all PCs used in the office or at home to receive regular vulnerability assessments and to be kept up-to-date with the most recent anti-virus and anti-malware programs.
6. Make sure PCs and laptops have automated updates turned on for Windows.
7. Do not allow browsers to remember logon information for tools accessed online.
8. Do not click links in emails or signatures unless it is from an authorized and trusted source.
9. Immediately remove access to all systems and online tools once an employee has terminated employment.
10. Always have a backup. Use backup software and store it to a server (if applicable) or external storage device.

When it comes to staying cyber secure, your vigilance will help to protect your clients’ personally identifiable information (PII). If you need assistance with running a vulnerability assessment or establishing a cyber security policy, our technology experts can help.