By Karen Stephens // BCYBER
Guest Contributor
In the financial advice arena, some tenets remain unchanged. For example, all financial advisors want deeper client relationships and to build a more sustainable business model. Standing out from an increasingly homogeneous advice market doesn’t have to be expensive or time-intensive, but it does mean a little lateral thinking.
Introducing cyber safety initiatives for clients is one way to differentiate your advice firm from your competitors and add value to your clients beyond just investment and insurance advice, all while boosting your own firm’s human firewall. To help you take the first steps, here are six easy cyber initiatives you can implement that have a real and positive impact on your clients and your business:
1. Cybersecurity tips on a regular basis
Cybersecurity training shouldn’t be a “one and done” program. Cyber awareness is more likely to stick if you present shorter tips regularly, rather than delivering it all at once. For example, if you have a client newsletter, you can simply add one handy hint each time you send it out. Other ideas may be to add a few cybersecurity tips at the end or any “lunch and learns” or client events. If you’re not sure what tips to share, check out the Friday Files on the BCyber website and borrow a few of ours.
2. Build cyber awareness into your onboarding and annual reviews
The onboarding process is one of the most important processes for any advice firm. It sets the framework for your entire relationship, while the ongoing reviews serve as important checkpoints in fulfilling that promise. Part of the onboarding process could be educating clients on recent breaches, recommending password changes or helping them set up multi-factor authentication for their online accounts. And then during reviews, you can impart additional practical tips as part of the process. By incorporating cyber awareness into your onboarding and review processes, advisors provide additional value in helping protect client data, assets and information.
3. Don’t forget mobile phone and personal devices
During the pandemic mobile devices have become a favorite attack target, and this trend is not likely to decrease any time soon. Here are three things you can help your clients do to better secure their mobile devices:
- Complete an app audit: The average person has 40 apps installed on the phone but the majority of time is spent on 18 of them, so if your client hasn’t used an app in the last month, maybe it’s time for it to go. Old or unused apps may not be kept updated and can house serious security flaws that make it easy for cybercriminals to compromise your device
- Review app permissions: By default, apps may have access to all sorts of information, settings and other tools. It’s important to take the time to think through whether they really need access to your contacts, location, camera, etc.
- Install anti-virus protection: If your clients don’t have anti-virus software installed on their phones and personal devices, then make sure they do. You could then incorporate reminders to update their software as part of your regular communications and reviews.
4. Social media use
Cybercriminals do not have to be spies to find out personal information about most people—information that’s often used for passwords and security questions. Personal data such as birthdate, first school, names of children, spouses, etc. can easily be found on social media accounts. Recommending clients tighten their privacy settings will make their data harder to get and better protect them in the long run.
Remember, the security questions are for you to know, provided you can remember the answer, so they don’t have to be “truthful”. No one will check to see if your first pet’s name really was Rex.
5. Good password hygiene is forever
Good password practices should not stop once you are at home or have stopped working and are enjoying retirement. Firms can expand the use of their own password policies and provide clients with a quick password checklist that’s based on real-world security measures. And if you’re stuck on what password guidelines to share, check out my previous post.
6. Actions speak louder than words
When you’re encouraging your clients to become cyber aware, always lead by example. For instance, calling to reconfirm that instructions are actually from the client (and not someone posing as them) is simple and effective and allows you to have another touchpoint with your client. If you want to implement phone confirmations as a security measure, here are some client requests/instructions to consider:
- Money withdrawal requests
- Adding new banking instructions
- Changes to account authorizations
- New contact details
The fastest way to erode your hard-earned client loyalty and trust is with a data breach. While your firm is undoubtedly doing everything it can with all manner of security initiatives, human error is the number one cybersecurity threat to businesses in 2021. A recent IBM report found that human error is a major contributing cause in 95% of all breaches. So focusing on informing and educating everyone associated with your firm, including your clients, is key to hardening your cybersecurity resilience. Finally, the importance of delivery consistency can not be overstated as it contributes towards building your brand image, building client trust and deepening your client relationships. So, if you decide to incorporate any of the above suggestions, you need to be prepared to not just deliver them as a once-off exercise, but build regular cyber awareness initiatives into your ongoing client relationship programs.
Introducing cyber initiatives is mutually beneficial for your clients and your firm. It will better protect data and assets and will help bolster your entire human firewall, so there’s no time like the present to get started!
Get our latest posts delivered straight to your inbox
Subscribe to our blog today.
To learn more about Practifi, visit www.practifi.com.
