In today’s headlines, we hear about private celebrity pictures being stolen and published online, companies at risk from hackers and more. It makes many of us feel as if we should not be online or the same thing could happen to us. Still, completely disconnecting from the Internet is not an option for most people.
Blane Warrene, co-founder of QuonWarrene, addressed these concerns about privacy and security for the socially engaged financial advisor at the TD Ameritrade Institutional LINC conference in San Diego.
Warrene noted that if you are digitally active, there should be steps to protecting yourself and your business. To get his point across, he said, “You do not have to leave all doors unlocked while being active online.”
One thing you can do is consider best practices for being safer online:
Secure your device.
At a minimum, you should have a password to operate your devices, including smartphones and tablets. Do not use the same password for every log-in you have.
If you have trouble remembering all your different passwords, consider using a password manager like LastPass, 1Password and RoboForm for log-in credentials in your browsers. “You want to find one that is vetted. You want to hear that feedback,” advised Warrene. With these solutions, one difficult-to-figure-out password can be used with all your devices.
Two-factor verification might be something to consider. This means using a second factor to finalize a log-in. It generally requires a text message or a code generated on a different device than the one you are logging in from. This way, a hacker needs to do more than just figure out your user name and password. “It may feel inconvenient,” Warrene said, “but the peace of mind knowing that you are better securing your accounts is key.”
You should also have an antivirus solution installed and set to always run and update without user intervention.
Warrene also recommended encryption for data both in transport and at rest in storage -- for instance, BitLocker or PGP encryption on PCs, FileVault for encryption on Mac OS X.
On iOS and Android devices, it makes a difference to use Lookout, Trend Micro or Symantec for a layer of security, as well as Cloak or Vpn One Click for Wi-Fi security. Securing your activity on a public Wi-Fi is important, since that is where bad people hang out, said Warrene.
Don’t get enticed into a mistake.
“Beware of unrealistic or tantalizing offers via any digital form -- everything from free money to prizes to free music and, yes, even porn,” he said. Cyber criminals prey on every possible weakness, from money to power, fame and other temptations, he warned.
Be careful of those that ask for password or personal information. Also, avoid any announcement that one of your accounts has been compromised, especially if it comes with links for you to click. When working with clients, these practices should never be used. Even attachments are dangerous. A secure e-mail transport is a more secure way to interact with clients.
Warrene recommended educating clients, too. For example, they shouldn’t be sending five years of tax returns from a Gmail account. “Give your clients a more secure way to give you information,” he said.
Be aware of social hacking.
Many sites and programs can broadcast your current physical location. It happens in obvious places like Foursquare, Facebook and Google+, but you can also give away your location in tweets, in photos on your devices and even in the physical devices themselves, Warrene said.
And if your location is shared, it might put your home and business at risk while you are away. Warrene’s advice is to consider limiting location broadcasting in check-in apps by exploring the settings and how your location is shared. In each social network, know your account settings and how your content is published.
“Also don’t forget to review the settings for your apps used to store photos [for example, in iPhoto on a Mac or in Photos on Windows 8] to disable location tracking for each image,” said Warrene.
Know what is syncing.
Many solutions sync. For example, iCloud keeps Macs, iPhone and iPads current with data and files and Dropbox can sync across any number of devices. Evernote and Google Drive are other examples. In all cases, Warrene recommends ensuring that you keep them tightened up for security and privacy.
To do this, know if any other users have been given access to the data you store and sync. Also, prune apps you no longer need. “Remember to keep these folders in backup. However, scrutinize or scan files if you enable others to add to those folders before backing up. This is often how malware gets caught in backup. This creates a security loop even if you've mitigated a risk if you later restore data from backup. For each cloud service, enable encryption for the storage of your data if it is not by default,” he said.
Beware of forwarded information.
For private content, know that it can be shared beyond the people you send it to. Warrene explained, “The best way to fully control how your data is shared and viewed is to take the time initially, and at least twice annually, to go through an exhaustive view of the settings available on your social networks.”
Make sure to use common sense. If you would not want something shared on a billboard, then maybe the information should not be shared at all. With social networks, Warrene told attendees, “You can manage old posts, but they are archived somewhere, so you can’t completely undo them.”
Warrene’s final thoughts were that there is no way to be bulletproof. The only way is to unplug, and most people are not going to go to that extreme. However, these kinds of steps will help frame a policy and diminish some cyber security risks.
Mike Byrnes is a national speaker and owner of Byrnes Consulting LLC. His firm provides consulting services to help advisors become even more successful. Need help with business planning, marketing strategy, business development, client service and management effectiveness? Read more at ByrnesConsulting.com and follow @ByrnesConsultin.