News
Trois commandements pour protéger les données de vos clients
BlogNewsThe three commandments of protecting your client data

The three commandments of protecting your client data

Thursday, April 21, 2016

This article on technology and security for financial advisors is provided courtesy of François Levasseur, guest author and CEO of Kronos Technologies.

As an IT professional, I’ve always been very sensitive about security and sharing confidential data. I’m often surprised by the bad habits of some professionals and companies that facilitate personal data leaks. The fact that so many people do it without even knowing it is a huge concern, and that’s why my professional values revolve around this issue. Unfortunately, few advisors know about or decide to take up these good habits. Because of my experience and expertise, I’ve drawn up a list of three simple but very useful tips that can easily be integrated into your daily practices. You don’t need any special skills, that’s for sure! Show your clients that you care about safeguarding their data.

FIRST COMMANDMENT:
Thou shall not carry unprotected mobile devices!

As a professional, your laptop or smartphone is likely to contain some confidential data. You can always use cloud storage services to store all your data. But honestly, I bet you have a client’s statement stored somewhere in your downloads folder. Do you take the time to clean this folder on a regular basis? No? I thought so.

I take a few precautions to make sure my mobile devices are secure. But let’s keep it simple: Here are 4 things that you absolutely must do:

  1. Update your operating system (most recent version available)
  2. Make sure your device has a PIN, or a biometric identification solution
  3. Set a lockout time on your devices
  4. Encrypt your device.

If you use a laptop computer, make sure it’s password protected, or better yet, use a hard disk encryption solution. Hard disk encryption is available for Mac and Windows 10 laptops. If this sounds too complex, you can always ask the pros to do it for you.

If you do not want to encrypt your data, you have to make sure your computer does not contain any confidential data. Most of the time, cloud-based software offers the best secure online data storage solutions.

SECOND COMMANDMENT:
Thou shall not email confidential data!

I have to say right off the bat, nothing makes me angrier than seeing people sending confidential data over the public network, and it happens often! In fact, emails are part of the public domain, meaning that they can be read by many people and shared on several servers and networks around the world! Do not make this mistake! Never share confidential information with your clients via email. Act like a real professional. Show your clients that you care about safeguarding their data, that you know what to do with the information they entrust to you.

Now you know. That said, we still need to share in our business, so what are your options? How do you send confidential data to a client without compromising its security?

You can send compressed files that are password-protected or use a solution such as Dropbox to share documents. It’s a start, but you can do much more than that!

Your best option is to use professional tools. However, the learning curve and the initial investment may make this option harder to swallow, but sometimes the end justifies the means. You can use a tool that complements your messaging system or a full-featured software system. For example, there are several software suites on the market that were designed specifically to send secure messages they can even be integrated into your existing messaging system. We have solved this issue altogether at Kronos by using our SecureMail Now you have another option at your disposal!

THIRD COMMANDMENT:
Thou shall use a password manager!

I’m going let you in on a little secret… do you know that some websites save your plaintext passwords? In short, this means that your password is not protected, it could even be at risk. In fact, if you use the same password as your Facebook account, your email, or even worse, your BackOffice or AGA portal account password, I hate to tell you but you’re in deep trouble, my friend!

So, what should you do? Well, use a different password for each website you use. I know, I know… You cannot possibly remember that many passwords. And the only really secure password is one that’s impossible to memorize, like "u168iZVwjcV!M".

Fortunately, several tools will do this for you! These plucky and practical little programs are called Password Managers. They generate a series of “good” passwords for all the websites you need to log into. The best part is, you only have to remember your master password (you better not forget it, however). Since you’ll only have one password to remember, make it count! Choose one that’s long and complicated. Once that’s done and you want to log into a website or create an online account, all you have to do is enter your master password and the Password Manager will do the rest. Very cool, right?

I hope I’ve offered you some insight on the best practices for sharing sensitive data and security issues in the IT world. And I hope I’ve managed to get the message across. IT security is not to be taken lightly, it’s a real problem that you have to take seriously. It’s time we started talking about it!

I’m curious to know what you think about it. Feel free to share your top software picks and tips for safeguarding client data in your business practice. You can always ask questions, or send comments. I’ll be happy to share my favourite tools, tips and practical tutorials with you, they just might help you! Ask and you shall receive. See you again soon!

Leave a comment

Technology