CyberHUB
Cyber security quick wins – Tips and techniques
Reading time: 2 minutes
Developing a cyber risk management plan takes some time, but there are some strategies that financial professionals can put in place while it does this.
The Australian Signals Directorate (ASD) suggest setting up email authentication measures such as multi-factor authentication which can help to prove an email is not forged and it is indeed from who it says it is from. It is most often used to block harmful or fraudulent uses of email such as phishing and spam.1
Protecting domain names is another valuable practice and includes measures such as using a reputable registrar, choosing a strong password, enabling privacy protection and regularly renewing the domain. Registering additional domain names can offer further protection because it helps to secure a business’s online identity and prevent competitors from purchasing the other extensions of your domain.
Another key focus area is ensuring sensitive client data such as financial or health information can only be accessed by those authorized. While sharing information online is how most of us communicate and conduct business, using strong passwords and two-factor authentication, encryption and replacing single sign-ons with unique logins are all important.
Finally, awareness and training are key aspects of cyber resilience helps practices, and their clients identify risks and threats and take steps to prevent cyber-attacks. Remaining vigilant and informed requires ongoing training and updates to keep cyber secure.
Other focus areas include:
Client portals
Can mitigate exposure to cyber threats because they enable the secure sharing of documents and reports with your clients, and often have added security benefits such as two-factor authentication for added security.
Strong passwords
A straight-forward measure that can be enacted immediately. Best practice describes strong passwords as having more than eight characters, containing alphanumeric characters, no personal information, preferably incorrect spelling and should not have been used before.
File sharing apps
Sharepoint can be used to share files instead of sending over email, because they require permissions to be set for user access.
Software updates
An important way of ensuring you have the latest functionality updates with the best security as well.
Digital access
Does not require a blanket approach. A regular audit of permissions and controls across your business will ensure your team has access to what they need to perform their job, while also limiting exposure.
Learn more about our all-in-one secure client portal
Continue reading
Trends from the US – What does this mean for your business?
Over the past decade, Government and regulators have built a framework of governance for businesses to provide them with a structured approach to cyber-incidents and accountability.
Dive into the conversation
The rise of cybercrime
Cybercrime involves activities such as compromising emails and online banking fraud, which according to the Australian Government’s Australian Signals Directorate (ASD), currently make up the top three cybercrime types for business.
The Regulator’s stance on cyber
Although the Australian Investment and Securities Commission’s (ASICs) does not prescribe technical standards on cybersecurity, there is an expectation for licensees to address cyber risk as part of their AFS licence obligations, including risk management.
Mandating cyber change – A case study
With cyber now listed as a major risk for the company, client portals have enabled Centrepoint Alliance’s adviser network to meet its mandated cyber standard and to facilitate client engagement and security.
Letter box versus inbox – security does differ
Two decades ago, important documents were sent in the mail and stayed in our letter box until we collected it, but this has been replaced with email and cluttered inboxes, leaving it prone to cyber security threats.
Cyber threats – Current response from financial professionals
Despite financial professional’s concern over cyberthreats, most have not acted fast enough and taken advantage of the appetite for change and the tail winds provided by government websites, cyber campaigns and media coverage.
Cyber resilience and its application
Over the past decade, Government and regulators have built a framework of governance for businesses to provide them with a structured approach to cyber-incidents and accountability.
Cyber security quick wins – Tips and techniques
Developing a cyber risk management plan takes some time, but there are some strategies that financial professionals can put in place while it does this, including multi-factor authentication and protecting domain names.
Trends from the US – What does this mean for your business?
Research in the US by Adviser 360 has found advice businesses that fail to invest in technology solutions to be more productive and better able to satisfy their clients, run the risk of being left behind.
How does your digital client experience stack up
Consolidated logins where customers use one login to access a range of services is now the norm and they have become a common way for people to engage with their service providers, setting the standard on client experience.
It’s time to transition to client portals – A case study
With cyber now listed as a major risk for the company, client portals have enabled Centrepoint Alliance’s adviser network to meet its mandated cyber standard and to facilitate client engagement and security.
Imagine the possibilities – Key benefits of client portals
Client portals are fast emerging as a core capability in nurturing safe and secure collaboration between clients and their financial professionals.
Whole of wealth approach with client portals – A case study
An early adopter of client portals, Sherlock Wealth’s Owner and CEO, Andrew Sherlock, said it’s an integral piece of technology that his business uses with many of its clients.
Break the reliance on email – Together, we can make a difference
Financial professionals, as trusted advisers, can take a leadership position in ensuring data security with their clients, leveraging client engagement to provide them with a reason to do it.