Taking every precaution to guard against today's threats means focusing on both physical and electronic security.
With Internet scams, phishing, identity theft and just plain burglary, we investment advisers have an enormous responsibility to keep our clients' personal information safe.
Try as I might, it seems that every few months, I hear of some new security measure we should implement. With increasing threats and complexity, we can't afford not to take every precaution — including those that seem obvious.
In my firm, we focus on both physical and electronic security. From a physical standpoint, we pay attention to the details:
• Our building is locked outside of office hours.
• Our office is locked outside of office hours.
• We have a monitored alarm system that is set when the last person leaves the office.
• A buzzer goes off whenever the door is opened.
• Employees lock away any client files prior to leaving the office.
Electronic security is handled in various ways:
• Employees log off their computers prior to leaving the office.
• Computers log off automatically after a certain period of non-use.
• Each computer and software is accessed with employee-specific passwords.
• Passwords must be complex and are required to be changed periodically.
• A secure portal is used any time private information is sent or received electronically.
• All software with access to clients' personal information is reviewed for security and approved prior to use.
• Smart phones with access to work email must be password protected.
I could go on. There are other security measures we take, like having the ability to wipe phones and computers, firewalls, virus protection and more. My IT guy reviews this with me on a regular basis. I pay attention. It's important.
Sheryl Rowling is chief executive of Total Rebalance Expert and principal at Rowling & Associates. She considers herself a non-techie user of technology.
