Cyber Security and You
Chances are you don’t leave your car unlocked in public places, or sleep with your doors or windows unlocked. The risks of leaving these things unprotected are too high. We work to “lock” your financial world for the same reasons.
Today’s high-tech lifestyle provides instant access to information, transactions, communication, research – you name it. It also, unfortunately, presents a risk to your financial health and personal information as cyber crime grows with a sophistication hard to outpace.
Cyber security requires day-to-day monitoring, action, research and dedication to keep ahead of cyber breaches. At GenSpring, we are acutely aware of the sophistication of today’s cyber breaches and allocate resources to ensure cyber security throughout the firm.
A robust, dedicated staff works daily on cyber security alone. But regardless of how detailed and devoted that team is, it is a well-known fact that security begins with each and every person – be that an employee, a client or a member of a client family.
Research has shown that the easiest way to breach a family office’s cyber security is through the people it employs or interacts with. It can happen in a variety of ways with threats sneaking in through:
- Outdated software without the latest security updates
- Employees allowing unauthorized access to their work laptops, mobile phones, or tablets that exposes the family office network
- Workers or clients logging onto public Wi-Fi networks with a laptop or smartphone that could compromise the device and then ultimately the family office
We work tirelessly to prevent these exposures. In fact, it’s a constant war for us to disarm cyber threats, which show no sign of stopping.
According to a CNN Money report, more than 317 million new pieces of malware — computer viruses or other malicious software — were created last year. That means nearly one million new threats were released each day. (“Nearly 1 million new malware threats released every day” by Virginia Harrison and Jose Pagliery, April 14, 2015).
GenSpring is heavily invested in protecting the privacy and confidentiality of client data and company resources. Some of the controls we employ include annual training mastery for all employees related to cyber security and client data privacy. We also employ production and disaster recovery data centers; equipment standards that are best in class; and 24/7 network monitoring.
We adhere to industry and government safeguards. We follow cyber security guidelines set by the Securities and Exchange Commission, undergo audits by the Federal Reserve Bank and train and certify key GenSpring technology employees through the SANS institute, an information security training and certification program.
In addition, we have third party tests performed periodically by certified security firms who perform assessments of our security both internally and externally to compare results with current best practices in the industry and identify gaps. All test results are documented for audit.
Anyone connecting an untested USB memory device can be a source of viruses and malware.
Family Office Exchange: “Cyber Security and the Family Office,” by Steven Draper, 2016
We use redundant disaster recovery sites and intrusion prevention measures with a layered approach to physical and electronic data protection to help ensure availability and reliability of systems.
In the unlikely case of a breach, we at GenSpring, as an affiliate of SunTrust Bank, have cyber insurance that helps protect clients’ identities.
This may all sound like a course in IT, but, in fact, it is a course in financial safety. Cyber security is here to stay – as are cyber threats and breaches. As such, we partnered with former White House Chief Information Officer Theresa Payton to recount the top cyber tips she provided when speaking at GenSpring’s 2017 Family Symposium for client families.
Top Cyber Safety Tips
1. Segregate Your Email
Use different email addresses to access different areas online. Use one e mail for financial information, one for online shopping, and one for browsing. This provides extra protection for your information and makes it harder for adversaries to ever get all your information at once.
2. Use the Right Tools
Virtual Private Networks, or VPNs, provide an extra layer of security when using an unknown network. Consider utilizing VPN technology to communicate confidentially and securely but familiarize yourself with the terms of service. Since VPNs create a tunnel between a user and the VPN provider’s server it’s important to have trust in the VPN provider.
3. Hide or Segment Your WiFi
Hiding your wifi makes it harder for hackers to gain access to your business or home wifi. You can hide your wifi and consider segmenting data to different wifi networks – so your smart devices (smart thermostats, surveillance cameras, doorbells, lights etc.) devices are put on one and sensitive information is tied to a separate wifi network.
4. Protect Yourself When Traveling
Preparation for international travel is of particular importance. Consider getting a temporary phone and email when you travel internationally. Try to avoid accessing sensitive information overseas, and only operate on that temporary dedicated email and phone for the duration of the trip.
5. Change Your Passwords Regularly
It may be a nuisance, but it is imperative to change passwords regularly. Consider using a password manager, such as 1Password or LastPass to both suggest and store complex passwords. Further, enable two-factor authentication on all sensitive sites and services. Two factor authentication (or 2FA) provides a second layer of security over a username and password. Alongside your password, it uses a second distinct way of identifying you (such as a text message or a unique number that changes every minute) before granting access to your information.
Today’s technology is rapidly evolving and the digital world in which we all live poses significant risk. As your family office, we take cyber security seriously and encourage your adherence to the above best practices.
Authored by GenSpring Family Offices, with direct contribution from Robert Trinchet, Chief Information Officer.
The information herein is prepared and shared for educational purposes only, and should not be considered as investment, legal, insurance or tax advice or a recommendation for any particular security, strategy or investment product or an offer for investment advisory services. The material is in summary form, and should not be relied upon as being complete. Stated information is derived from proprietary and non-proprietary sources that have not been independently verified for accuracy or completeness.