Cybersecurity tips we hope you're following

April 28, 2023

Allworth Co-CEO Scott Hanson shares how Allworth works to protect our clients from cyber criminals... and reminds you about the best ways you can go about protecting yourself.

When it comes to protecting your confidential information from the scourge that are cyber thieves, one of the most vivid descriptions I have yet heard compares these criminals to sharks: “Never sleeping, unemotional, relentless in their pursuit of prey.”

Now, before any fans of Shark Week correct me, I understand that some sharks do enter a state that is vaguely sleep-like. And let me be clear that, unlike cyber criminals, I have nothing against sharks. They are miracles of nature and fascinating creatures. But the comparison has relevance because, as a consumer, protecting yourself from scammers can sometimes feel like swimming in the ocean: You know that sharks are out there, but you hope they will leave you alone.

Fortunately, when it comes to defending your personal information, we at Allworth Financial take a more proactive approach. And, frankly, you should too.

As I know significantly less about technology than I do about investing and finance, for this important Weekly Update I have called upon the expertise of our Chief Technology Officer, Sandeep Mishra, and our Information Security Manager, Venkatesh Patil. These two folks work night and day with other members of our highly trained IT department to keep information safe.

What follows are some of the things we do to protect personal and financial client information, followed by a list of what you can do to help us protect you.

Team members are screened, trained, and tested

Suffice it to say, be they client-facing or behind the scenes, we value and appreciate all our associates throughout the country. However, working for Allworth Financial certainly does not mean that they automatically have access to sensitive client information.

Before you are qualified to become employed by Allworth, you must undergo a thorough background check. After you become a team member, you must complete quarterly attestations, engage in ongoing education, and engage in and pass regularly scheduled cyber security training.

Additionally, client information is only accessible to those team members whose job responsibilities require that level of clearance to fulfill their responsibilities.

Walls of protection, constant monitoring

As mentioned earlier, bad actors never stop trying to gain access to other people’s confidential information. To protect against them, we have implemented, and continue to upgrade, multiple factors of authentication to ensure that unauthorized users and cyber criminals are kept at bay. Our systems and personnel monitor all transactions and activity 24 hours a day, seven days a week, 365 days a year to identify and defend against any threat or suspicious activity.

Simply, if someone or something probes our defenses, we will see them.

To further help keep information safe, the ever-vigilant members of our IT department send out regular updates to staff that identify threats and ingrain protocol. On a day-to-day basis, we automatically block access to unsecured websites and consistently probe our own defenses and response times to identify ways we can improve.

But our exceptional technology team is not merely reactive, they also thoroughly review and verify the security practices at our vendors to help minimize supply chain risks. Before we will conduct business with a firm, we analyze their systems and policies, and if they fail to meet our rigorous IT standards, we refuse to work with them.

**So, how can you help us protect you?**

You or someone you know has almost certainly been the victim of cybercrime. Additionally, I understand that reports about online scams are ubiquitous, and that their presence may in some way contribute to breaches, as it could give some folks a sense that there is little that private citizens can do to protect against them.

But that is simply not true.

Here are a few ways that you can help us (or any entity you work with) protect you.

Use two-step verification

I use two-step verification (also known as two-step authentication) for virtually everything.

You should, too.

Typically texted to your phone (or via email), two-step verification is a security feature that requires you to enter a single-use security code whenever you access an account online. This makes it significantly more difficult for bad actors to gain access to your information.

Secure your passwords and make them unique

Using a trusted password manager not only makes it easier to manage your login information across websites – it will also help you create secure, strong, and unique passwords.

And when it comes to creating your own passwords, you should also:

Make them long (even 20+ characters long)
Use a combination of characters (numbers, upper- and lower-case letters, unique symbols, etc.)
Never use personal information that would be easy to guess
Use unique passwords for each account
Change them every few months

When it comes to passwords, while there are never any guarantees, longer is typically better. One method to create more secure, memorable passwords - that are both long and personal - is to tell a story. For example: “IlovetheGREENhousethatis#4thfromthecorneron#44thstreet.”

If available, use biometrics

In the not-so-distant future, all our identification will be biometric, which is the utilization of your unique physical characteristics to enable access to your devices and secure websites. If your smartphone or PC offers biometric security options such as a fingerprint reader, or voice or facial recognition, begin using them now.

Never click on links in emails and texts

Billions of dollars in phishing fraud each year prove that cybercriminals are phenomenally successful in their attempts to make their emails and texts appear legitimate. Because it is so easy to get fooled by criminals, be skeptical of all emails, texts, and any links and attachments, until you are 100% certain that their origin is legitimate.

Be economical with your online presence

Lastly, try and minimize what you share on social media and set privacy and security settings on websites and applications to safeguard your information.

It can be unnerving when you consider that criminals, perhaps living thousands of miles away, spend their lives probing people and businesses for access to confidential information. But that is an unfortunate reality of the world we live in. With that in mind, if you stay vigilant, shred your personal information before throwing it away, check your credit often, avoid clicking on suspicious links and attachments, and you commit to putting time and energy into the creation of complex passwords, you will significantly lower your risk of being the victim of cybercrime.

Advisory services offered through Allworth Financial, a Registered Investment Advisor | Disclosures | Privacy Policy

Securities offered through AW Securities, a Registered Broker/Dealer, member FINRA/SIPC. Check the background of this firm on FINRA's BrokerCheck.

HMRN Insurance Agency, LLC license #0D34087

¹Barron’s 2024 Top 100 RIA Firms. Barron's© magazine is a trademark of Dow Jones L.P. The ranking of independent advisory companies is based on assets managed by the firms, growth, technology spending, succession planning, and other metrics.

² Retention Rate Source: Allworth Internal Data, FY 2022

³ The NBRI Circle of Excellence Award is bestowed upon NBRI clients meeting one or both of the following criteria: Total Company score at or above the 75th percentile of the NBRI ClearPath Benchmarking Database and/or improvement of five (5) or more benchmarking percentiles in Total Company score over the previous survey.

⁴ As of 7/1/2024, Allworth Financial, an SEC registered investment adviser and AW Securities, a registered broker/dealer have approximately $22.5 billion in total assets under management and administration.

⁵ InvestmentNews 2020 and 2021 Best Places to Work for Financial Advisers. The ranking reflects survey responses and scores completed by both employers and employees. Employers report their organization’s workplace policies, practices, and demographics. Employees complete a survey designed to measure the employee experience.

⁶ 2021 Value of an Advisor Study / Russel Investments

⁷ Ranked 9th Top Wealth Managers By Growth in Assets in the U.S. from RIA Channel, 2022. RIA Database and RIA Channel are registered trademarks owned by Labworks, LLC.

⁸USA Today Best Financial Advisory Firms 2024. The ranking is based on the growth of the companies’ assets under management (AUM) over the short and long term and the number of recommendations they received from clients and peers.

⁹NBRI Best in Class Ethics 2023. The Best in Class level is bestowed upon clients performing at or above 90 percentile of the NBRI ClearPath Benchmarking Database.

^✢ Scott Hanson, Investment Advisor 2005, 25 most influential people in the financial services industry. The ranking reflects 25 people who Investment Advisor magazine believes have had or will have the greatest influence on the financial services industry.

^✼Pat McClain, InvestmentNews 2014, Invest in Others Community Service Award, presented to an advisor who has made an outstanding impact on a community through managerial contributions to a non-profit organization.

^†Financial Times, FT 300 Top Registered Investment Advisers, June 2019. The ranking reflects six areas of consideration including the company's years in existence, industry certifications of key employees, AUM, asset growth, SEC compliance record and online accessibility and calculates a numeric score for each company.

Certified Financial Planner Board of Standards Inc. owns the certification marks CFP®, CERTIFIED FINANCIAL PLANNER™, CFP® (with plaque design) and CFP® (with flame design) in the U.S., which it awards to individuals who successfully complete CFP Board's initial and ongoing certification requirements.