MN Dept. of Commerce: Tips for investors to keep their information safe and ask questions about cybersecurity

Minnesota Department of Commerce

With October being both Cybersecurity Month and Financial Planning Month, the Minnesota Commerce Department suggests this is a timely opportunity for investors to practice good cyber hygiene habits when using online investment accounts. 

The Commerce Department also recommends that investors should ask their financial professionals questions about their cybersecurity practices. A recent examination of investment advisers by state securities regulators, including Minnesota, revealed nearly 700 deficiencies in cybersecurity,

“With recent widespread data breaches in the news, investors have good reason to be concerned about the safety of their financial information,” said Commerce Commissioner Mike Rothman, whose agency serves as the state’s securities regulator. “Commerce has provided guidance to our regulated industries to take appropriate measures to protect customers’ accounts and prevent any fraudulent activity from breaches. Investors can also take proactive measures to secure their accounts.”

The Commerce Department offers investors the following best practices with online accounts:

• Protect your online accounts: Create a strong password and use different passwords for different accounts. If one password were compromised, all of your accounts using that password would be vulnerable too. Remember to change your password every few months. 

• Access your accounts safely: Make sure your anti-virus, firewall and other security software are up-to-date. Avoid using public wireless networks that don’t require a password. Check for the padlock icon in the corner of the browser that signals the website you are using is encrypted and be sure to log out of your account when you are finished.

• Be alert for suspicious activity: Regularly monitor your online bank accounts. Keep track of your transactions so that you can spot suspicious activity and report it as soon as possible. 

More guidance on protecting financial information is on the Commerce Department website.

As an investor, you should also hold your investment and financial professionals accountable for cybersecurity. Think about the safety of your financial information, and talk with your investment professionals about what steps firms are taking to safeguard client information.

Before you make an investment, be sure the firm or individual selling you the product has a satisfactory plan in place to protect your private data from cybersecurity threats. The Commerce Department suggests using the following questions to assess the strength of a firm’s or individual’s cybersecurity.

• Cyber preparedness: Has the firm addressed which cybersecurity threats and vulnerabilities may impact its business?

• Cybersecurity compliance program: Does the firm have written policies, procedures or training programs in place regarding safeguarding client information?

• Cyber insurance: Does the firm maintain insurance coverage for cybersecurity?

• Cyber expertise: Has the firm engaged an outside consultant to provide cybersecurity services?

• Cyber confidentiality: Does the firm have confidentiality agreements with any third-party service providers with access to the firm’s information technology systems?

• Cyber incidents: Has the firm ever experienced a cybersecurity incident resulting, directly or indirectly, in theft, loss or the unauthorized exposure, use of or access to customer information? If so, has the firm taken steps to close any gaps in its cybersecurity infrastructure?

• Cybersecurity safeguards: Does the firm use safeguards such as encryption, antivirus and anti-malware programs? Does the firm contact clients via email or other electronic messaging, and if so, does the firm use secure email or any procedures to authenticate client instructions received via email or electronic messaging, to work against the possibility of a client being impersonated?

Rate this article: 
No votes yet
Article category: 
Comment Here