Six tips for stronger data security
Cybersecurity is extremely topical in Australia right now, with a number of larger companies and government departments experiencing severe privacy breaches over the past two years. The number of reports of cybercrime in Australia has increased significantly and is imposing an increasingly heavy cost on businesses. As digital services become more interconnected, the sophistication and frequency of cyber-attacks have a greater potential to cause widespread damage.
The Australian Cyber Security Centre (ACSC), the hub for private and public sector collaboration and information-sharing on cybersecurity, received over 76,000 cybercrime reports, which is an increase of nearly 13 per cent from the previous financial year.
Here at intelliflo. we understand the importance of protecting your business and client data. All of intelliflo’s solutions are protected, secured and validated by an ISO 27001 stamp of approval. Below are some of the steps advice firms can take to strengthen their cybersecurity to prevent, identify and deal with attacks.
1. Regularly train your employees
In the financial advice sector, people are your most important asset and the same is true in cybersecurity. Your employees are a crucial line of defence, because if someone opens a malicious email, it could lead to malware being uploaded to your systems. Regular training to raise awareness of potential scams, reinforce good practice and identify poor behaviours is essential. It is also important to recognise that scams are becoming harder to identify all the time and no one is infallible. Rather than creating a culture of fear if something does slip through, issues will be dealt with quicker and more easily if you create clear reporting procedures and encourage staff to escalate incidents swiftly and without blame.
2. Use technology to prevent problems before they start
Phishing emails are one of the most common forms of cyberattack and installing an email filter will weed out many of these scams before they hit your inbox, reducing the time your team needs to spend doing it.
The latest ACCC findings report that the most common scam reported to Scamwatch in 2022 was phishing. There was a 4.6% increase in reports to Scamwatch with 74,573 phishing scam reports received. Financial losses increased 469% from the $4.3 million reported in 2021, to $24.6 million in 2022. With this data in mind, it is important that firms and their advisers have the tools and technology they need to prevent data breaches before they occur.
3. Keep your software up to date
Technology providers usually issue regular and ad hoc updates that fix problems including security vulnerabilities, so these should not be ignored. Make sure you implement updates as soon as possible across all of your firm’s systems, laptops, tablets and phones. Lots of advice firms still use old software or devices that are no longer supported by the provider, but this is really a false economy as it risks a hacker using them as a weak spot to enter your systems, so you should consider upgrading them as a matter of urgency.
4. Create strong passwords
Password protect all your systems and devices and do not use the same passwords for multiple applications or your security may be breached if the same details are compromised elsewhere. It can be hard to remember lots of different passwords, but do not write them down, consider using a secure password manager instead. For systems that hold personal or sensitive data, use multi-factor authentication, such as a code sent to your phone, as well as a strong password, to add an extra layer of protection.
5. Back up your data
Make sure that if you do fall victim to a cyberattack, you are able to restore your information quickly. Leveraging the cloud will help you back up significant quantities of data cheaply, and you will also benefit from the investment and resources the major cloud services put into monitoring activity across their whole platform to identify suspicious patterns before they reach you. If you use intelliflo’s technology, all your data and documents will be automatically stored and backed up safe in the knowledge that it is protected by our dedicated staff and our large annual investment in cybersecurity.
6. Plan for the worst
Plan for the worst, with robust procedures in place so that everyone knows what to do and who to contact, including any regulatory reporting requirements, in case of an incident. Test your plan regularly to identify weaknesses and stay on top of threats.
Ensure you have procedures in place so that everyone knows what to do and who to contact, including any regulatory reporting requirements, in case of an incident. Test your plan regularly to identify weaknesses and stay on top of threats.
As financial advisers move to using more online resources, cybersecurity will become increasingly important. By ensuring your own procedures are as robust as possible and leveraging the ongoing security investment and resources of your technology partners, you can minimise attacks and resolve incidents swiftly.