When it comes to protecting your confidential information from the scourge that are cyber thieves, one of the most vivid descriptions I have yet heard compares these criminals to sharks: “Never sleeping, unemotional, relentless in their pursuit of prey.”
Now, before any fans of Shark Week correct me, I understand that some sharks do enter a state that is vaguely sleep-like. And let me be clear that, unlike cyber criminals, I have nothing against sharks. They are miracles of nature and fascinating creatures. But the comparison has relevance because, as a consumer, protecting yourself from scammers can sometimes feel like swimming in the ocean: You know that sharks are out there, but you hope they will leave you alone.
Fortunately, when it comes to defending your personal information, we at Allworth Financial take a more proactive approach. And, frankly, you should too.
As I know significantly less about technology than I do about investing and finance, for this important Weekly Update I have called upon the expertise of our Chief Technology Officer, Sandeep Mishra, and our Information Security Manager, Venkatesh Patil. These two folks work night and day with other members of our highly trained IT department to keep information safe.
What follows are some of the things we do to protect personal and financial client information, followed by a list of what you can do to help us protect you.
Team members are screened, trained, and tested
Suffice it to say, be they client-facing or behind the scenes, we value and appreciate all our associates throughout the country. However, working for Allworth Financial certainly does not mean that they automatically have access to sensitive client information.
Before you are qualified to become employed by Allworth, you must undergo a thorough background check. After you become a team member, you must complete quarterly attestations, engage in ongoing education, and engage in and pass regularly scheduled cyber security training.
Additionally, client information is only accessible to those team members whose job responsibilities require that level of clearance to fulfill their responsibilities.
Walls of protection, constant monitoring
As mentioned earlier, bad actors never stop trying to gain access to other people’s confidential information. To protect against them, we have implemented, and continue to upgrade, multiple factors of authentication to ensure that unauthorized users and cyber criminals are kept at bay. Our systems and personnel monitor all transactions and activity 24 hours a day, seven days a week, 365 days a year to identify and defend against any threat or suspicious activity.
Simply, if someone or something probes our defenses, we will see them.
To further help keep information safe, the ever-vigilant members of our IT department send out regular updates to staff that identify threats and ingrain protocol. On a day-to-day basis, we automatically block access to unsecured websites and consistently probe our own defenses and response times to identify ways we can improve.
But our exceptional technology team is not merely reactive, they also thoroughly review and verify the security practices at our vendors to help minimize supply chain risks. Before we will conduct business with a firm, we analyze their systems and policies, and if they fail to meet our rigorous IT standards, we refuse to work with them.
So, how can you help us protect you?
You or someone you know has almost certainly been the victim of cybercrime. Additionally, I understand that reports about online scams are ubiquitous, and that their presence may in some way contribute to breaches, as it could give some folks a sense that there is little that private citizens can do to protect against them.
But that is simply not true.
Here are a few ways that you can help us (or any entity you work with) protect you.
Use two-step verification
I use two-step verification (also known as two-step authentication) for virtually everything.
You should, too.
Typically texted to your phone (or via email), two-step verification is a security feature that requires you to enter a single-use security code whenever you access an account online. This makes it significantly more difficult for bad actors to gain access to your information.
Secure your passwords and make them unique
Using a trusted password manager not only makes it easier to manage your login information across websites – it will also help you create secure, strong, and unique passwords.
And when it comes to creating your own passwords, you should also:
- Make them long (even 20+ characters long)
- Use a combination of characters (numbers, upper- and lower-case letters, unique symbols, etc.)
- Never use personal information that would be easy to guess
- Use unique passwords for each account
- Change them every few months
When it comes to passwords, while there are never any guarantees, longer is typically better. One method to create more secure, memorable passwords - that are both long and personal - is to tell a story. For example: “IlovetheGREENhousethatis#4thfromthecorneron#44thstreet.”
If available, use biometrics
In the not-so-distant future, all our identification will be biometric, which is the utilization of your unique physical characteristics to enable access to your devices and secure websites. If your smartphone or PC offers biometric security options such as a fingerprint reader, or voice or facial recognition, begin using them now.
Never click on links in emails and texts
Billions of dollars in phishing fraud each year prove that cybercriminals are phenomenally successful in their attempts to make their emails and texts appear legitimate. Because it is so easy to get fooled by criminals, be skeptical of all emails, texts, and any links and attachments, until you are 100% certain that their origin is legitimate.
Be economical with your online presence
Lastly, try and minimize what you share on social media and set privacy and security settings on websites and applications to safeguard your information.
It can be unnerving when you consider that criminals, perhaps living thousands of miles away, spend their lives probing people and businesses for access to confidential information. But that is an unfortunate reality of the world we live in. With that in mind, if you stay vigilant, shred your personal information before throwing it away, check your credit often, avoid clicking on suspicious links and attachments, and you commit to putting time and energy into the creation of complex passwords, you will significantly lower your risk of being the victim of cybercrime.
