Like all financial advisers, I summarize my online security strategy in a Written Information Security Plan (WISP) that requires periodic review. The beginning of the year is a good time for me to do that.
I rely on five subscription applications for digital security for my sole-practitioner office and just completed a beginning-of-the-year manual check:
1) 1Password – removes passwords from physical storage and assembles them in an online vault with audit trail, generates long random passwords, and changes them periodically.
2) Acronis True Image – makes physical copies of both hard drives and virtual drives and creates a bootable drive that could be used to recover from a
3) OneDrive, business version – primary secure data storage (I do not store data on local devices. This is a more secure tactic but it slows down document and file retrieval).
4) Windows Defender – keeps track of third-party data breaches that are not under my control and lets me know which companies were breached and specifically what data of mine they held that was possibly compromised.
5) Malwarebytes – automatically scans for malicious attacks on my machine.
Other security measures:
- Drives are encrypted.
- Two-factor authentication is used in all instances where it is available.
- Secure vs unsecure communication is the client’s option.
- Reviewed and updated my WISP.