Breaking

Post Top Ad

Your Ad Spot

Search

Friday, February 2, 2018

Data Protection and Laptop Security

By Cory Roberson, Principal at RIA Review and RIA Consults



Data Protection/laptop theft security
Yesterday, in the second incident this year, we witnessed a laptop theft at a coffee shop in the bay area.  We suspect this is a part of a larger theft ring in which police recently discovered more than $2 million in stolen laptops packaged to ship from the Port of Oakland to Vietnam.
If you choose to work remotely, here are a few steps you can take to protect your laptop data.
Purchase a tracking & erase software program.
Purchase a lock and cable.
Carry laptop with you when you order food, drinks, or even go to the bathroom.
Use password lock feature when laptop is in sleep mode.
And lastly, for safety purposes, avoid vigilante justice since the thieves tend to work in groups and they may carry a weapon.
SEC:  Observations on data protection

On May 12, 2017, the SEC Office of Inspections and Compliance Examinations (OICE) staff issued a response to a recent ransomware attack (WannaCry, WCry, or Wanna Decryptor) that affected data systems in more than 100 countries.

In the examination of IT practices of 75 advisors, broker-dealers, and mutual fund companies, 

SEC staff discovered the following results:

5% of broker-dealers and 26% of investment advisors did not conduct a risk assessment.

5% of broker-dealers and 57% of investment advisors did not conduct penetration tests.

All brokers-dealers and 96% of investment advisors perform system maintenance checks.

10% of broker-dealers and 4% of firms were missing software updates/security patches.

Best Practices for security

We recommend that advisors who use laptops in remote settings add policies and procedures to safeguard client information in case of a theft. 

A few places to add procedures would be:

Cybersecurity Plan – add use of laptops to risk assessment.

Code of Ethics – training employees.

Privacy Policy – informing clients of methods for data protection or security. 




Our Mission: “Serving the Investment Community to Make a Social Impact”

Cory Roberson is Principal of RIA Review, a compliance and document management portal (www.riareview.com) - 110+ users and growing.  He is also Principal of RIA Consults -Roberson Consults Group), a consulting firm providing compliance, operations, and business development services for registered investment advisors and next-gen fintech entrepreneurs (www.riaconsults.com) more than 160 SEC & State advisors clients across the US (including a few in Europe).  His third platform, RegTech Review, a FinTech compliance portal site: (http://regtechreview.com) is currently in prototype stage.   

As a social entrepreneur, through his mission-driven arm SoCap Missions (http://SoCapmissions.com), he provides business support group sessions and has volunteered for more than 15 youth programs in locations such as S. Korea, China, S. Africa, Thailand, and India.

No comments:

Post a Comment

FIN Compliance

Post Top Ad

Your Ad Spot

Pages