What I Do to Keep My Clients’ Financial Data Secure

By Scott Hamilton

The days of black ski masks and break-ins in the middle of the night are long gone. It may seem like a short time ago to most of us, but there was a time when we kept data secure just by buying the thickest, fanciest locks and safes. Nowadays, criminals can get all of the information they need to steal from you without ever leaving their bedroom. 

Finding a financial advisor to partner with that has your best interest in mind is hard enough, but can you also trust them to keep criminals’ hands off your important financial information? As a financial services firm, we are required by law to keep extensive records of your personal information and your account activity, so here’s a look at what I do to keep that data secure.

Security Measures I Implement

First and foremost, I want to make sure that all communications are kept private and secure. When videoconferencing is necessary, I communicate through Zoom, which is considered one of the safest videoconferencing apps in the world because of its compliance with a range of regulatory security standards. 

Aside from communications, I do not store any data on my computer’s physical hard drive; everything is stored in the cloud. While it may not seem intuitive since you may think it’s harder to steal a physical laptop than it is to hack a cloud database, the reality is that most of the biggest data breaches at companies are from traditional computers. (1) Data is much better off stored in a cloud where big cloud computing companies have access to the best experts and top-of-the-line hardware in order to best protect your data. Despite storing your data on the cloud, I still take no chances with my hardware and make sure that my laptop, desktop, iPhone, and iPad are encrypted and locked. This ensures that even if someone were to steal any of these, they could never access your data.

There are many security measures I take to protect my clients’ financial data, including: 

  1. All my devices are run through a VPN and the operating system and hardware are updated regularly.
  2. I have anti-virus software on all my computers and update it regularly.
  3. I use C2C (cloud-to-cloud) backup for all data.
  4. I engage a third party to conduct regular security reviews and penetration testing.
  5. I use only Apple products to improve security over Windows-based devices; these are locked when not in use.
  6. I have been using a password manager for years which provides me with unique, complex passwords.
  7. I use a higher-end business router, which is more secure than consumer routers.
  8. I ensure that local data is kept to an absolute minimum and is archived continuously.
  9. I have a firewall enabled for my computers and router, which includes IP blocking from countries such as Russia and China or known bad IPs.
  10. I leverage two-factor authentication everywhere available.
  11. I use the enterprise versions of Microsoft products, not the business or consumer versions.
  12. I offer encrypted email via Microsoft Outlook; however, most clients decline to use it.

Phishing Prevention

Phishing attacks involve tricking you into sending money to a scam artist pretending to be someone you know. By the time you realize what happened, the money is gone and there is no way to get it back. Phishing attacks are most commonly done via spoofed email addresses, but they can also spoof cell phone numbers. I definitely wouldn’t consider myself to be gullible, but the reality is that around a quarter of all data breaches include phishing and 85% of data breaches include a human element. (2)

Although I wish I could trust any email or voicemail I receive, I always have to make sure that all information I get is actually coming from you. For example, when a client needs to change bank account numbers, I require that we get on a video call and that they verify their bank account and driver’s license number directly over a video call so I know they are who they claim to be.

Always Improving

A lot of these security measures seem like common sense now, but there was a time when people believed they weren’t necessary or they were overkill. As technology continues to rapidly advance, just having a password on your computer and a lock on the filing cabinet isn’t going to cut it. That’s why I make it one of my top priorities to always keep up with the times and stay proactive in protecting your data from the criminals of today. If you want to learn more about how I keep your best interest in mind, schedule a complimentary get-acquainted meeting online or reach out to us at 512-261-0808 or scott@hamiltonfinancialplanning.com.

About Scott

Scott Hamilton is founder and chief financial officer at Hamilton Financial Planning, a wealth management firm that specializes in providing comprehensive financial planning for retirees. With over 20 years of experience in the financial industry, and having completed over 250 financial plans for retirees across all industries, but mostly the oil and gas industry, Scott is passionate about providing his clients with the tools and insight they need to achieve their financial goals. He has a Bachelor of Business Administration in finance from Texas State University and an MBA in international finance from Pepperdine University. Scott has also been happily married to his wife, Gayle, for over 25 years. To learn more about Scott, connect with him on LinkedIn

(1) https://thesciencebehindit.org/how-secure-is-data-stored-in-the-cloud/#:~:text=Cloud%2Dbased%20data%20are%20generally,computer%20connected%20to%20the%20Internet.
(2) https://expertinsights.com/insights/50-phishing-stats-you-should-know/