The impact a cybersecurity breach can have on a business, large or small, is indisputable. It can cause significant reputational damage, destroy customer trust, and cause financial loss. And with millions of workers now accessing cloud-based resources and business networks over home wi-fi, the potential for a breach has only heightened. So how can you protect yourself from the threat of a cyber-attack?
There are several things we can all do to protect ourselves better. The Australian Government have set up a great online resource at cyber.gov.au, which contains a wealth of great advice and suggestions. As a technology company, cybersecurity is paramount to Praemium and we wanted to share two key features of our platform which can help to protect your client’s data and your business from a potential cybersecurity breach.
Limit the amount of personal information you share online
While this includes social media, which you should never use to disclose personal information, it also extends to the use of email. Email has never been a fully secure medium and cyber criminals are quick to pick up on personal details, such as client account names, numbers and balances, personal contact details and trade information.
It is easy for a scammer to replicate an email you have sent, so it looks exactly like one of your own, but includes their bank account details and a request to transfer funds. Many Australians are scammed this way each year.
You should try and share important account information via the most secure mediums available, which is why we recommend sharing with your clients via their Investor Portal.VIEW WEBINAR
Uploading letters and documents into Adviser Portal and sharing them with your clients means they have to login to their password-protected Investor Portal to view the information. Adding this extra layer of security makes it that much harder for the cyber criminals to obtain sensitive data.
Where possible, strengthen password protection by enabling multi-factor authorisation
One of the most important things you can do to increase security of your data is enable 2-step, or multi-factor, authentication.
Praemium's 2-step verification is a security feature that requires you to use two methods of authentication to log in to Praemium applications. Here's how it works:
- You or your client logs in as usual with a Praemium username and password.
- The login site then asks for a verification code. The verification code can either be sent to your smartphone or other mobile device via SMS or email, or generated by an authentication app.
According to the Australian Government cybersecurity website, this offers significantly more powerful security and protection against criminals. They might manage to steal one proof of identity, such as your password, but they still need access to your verification code to login to your online accounts.
2-step verification can be set up as either mandatory or optional for advisers when accessing Praemium apps and for investors when logging into Investor Portal. Mandatory means users must always use a verification code, received via an authentication app, SMS or email, to login to Praemium applications. Optional means users have the choice to enable 2-step verification if they want to improve security for their own Praemium data.
We recommend you speak to your BDM or contact our support team using the link below to register your interest in enabling 2-step verification now.
On-Demand Webinar: Cybersecurity for advice practices.
We recently partnered with leading cybersecurity firm Loop Secure to create an on-demand webinar outlining the key areas advice businesses should consider to protect their business and clients from cyberattacks.
Covering email management, password security and hygiene, data storage and how to identify phishing scams there are some key takeaways for advisers and practice support staff.VIEW WEBINAR
Protecting your clients from cyberattack
We've put together a handy guide for you to use with your clients outlining some of the practical strategies they can take to prevent a cyber attack.