Compliance Corner: Cybersecurity

Cybersecurity has been a growing buzz word over the last few years. Altavista works diligently to stay ahead of the curve when it comes to protecting our clients’ personal information. This spring Altavista is working through a “Strengthen your Cybersecurity Program” series offered to financial advisors by Schwab Advisor Services.  Much of the material is geared toward business data and further ensuring we are keeping our clients’ confidential information safeguarded on all fronts. However, a great deal of the program’s material translates to the individual in our ever-increasing technology and mobile device driven lives.  With the most recent Facebook privacy scandal still fresh, we are reminded we must all be stewards of our confidential information and aware of how quickly it can be shared.

At the most basic level, there are two types of data: data at rest and data in motion.  Data at rest is the information sitting on a device such as the hard drive of your computer or laptop, the flash memory in your smartphone or tablet, or files you may have saved to a USB drive or memory stick.  This data generally stays in one place but is still vulnerable to hackers trying to access your data through malware (damaging or disabling software) inadvertently installed on your devices (more about this later).  The old-fashioned hands on thief is also watching for opportunities to steal your unprotected computer/laptop, tablet or smart phone or USB drive.

Data in motion by definition is information being transmitted from one place to another. This is happening around the clock through our intranet cabling and router, our mobile phones and devices, WiFi (wireless internet), and Bluetooth wireless connections. With certain settings on your smart phone enabled, possibly accidentally, data can be moving from your device to someone else’s without your knowledge just by being in the same proximity as other mobile devices.   Every time you purchase something online, data including your payment source is moving through several channels which could be intercepted.

Protection for both types of data are available and constantly improving.  Let’s break it down by each data type. As with any good insurance plan, start with an assessment of your current situation, identify the risks and then get yourself protected.  It’s that simple.

Data at rest

  • Update and secure your passwords. Changing your passwords and not using recurring passwords are the simplest ways to reduce unintended access. Many websites which store financial information or credit card details are requiring two-factor authentication requiring extra security questions and possibly a unique pin number to log on.  Password manager programs are a secure way to manage your multiple passwords.
  • Most mobile devices have built-in encryption, however minimal additional protection is helpful to make sure only you have access to your smart phone or tablet. These restrictions include numeric passcodes, finger print recognition, or now even facial recognition is an option on some devices.
  • Get anti-virus software installed on your computer/laptop. Have it running constantly to detect and quarantine viruses. Frequent references these days compare running your computer/laptop without antivirus protection is like leaving your front door unlocked and open with mail and packages sitting on your front porch.
  • Consider Malware removal software. Malware can include viruses, spyware, adware and trojans intended to damage or disable your computer or capture activity and key strokes as you navigate. Anti-virus programs can detect and quarantine but do not always remove the culprit.
  • Turn on automatic updates within your operating systems, web browsers and your smart phone. They are designed to protect against the most recent threats. Yes, some updates do cause other issues on your mobile devices, so do your research. But rule of thumb on computers is allow updates and anti-virus programs to run automatically for your best defense against the latest threats.
  • Protect your data at rest from being physically lost by storing a backup of your data through an encrypted provider (iDrive, Backblaze or Carbonite are popular options). These can be relatively inexpensive solutions for secure storage and copies of your files. Imagine losing all the treasured photos or confidential documents you have saved to your computer or laptop.

Data in motion

  • Do not email or text confidential information (credit card or bank account numbers, social security numbers, etc.) These are easy thoroughfares for hackers to intercept.
  • Be careful what you click! Phishing emails and embedded links both in emails and on social media are the fastest growing threat for individuals. If you are not expecting a link or article from a sender, confirm by phone the sender has sent something before clicking on anything within the email or social media message.
  • Do some research before shopping online. Make sure you are purchasing through a secure website with an https address containing an “s” for secure.
  • Be very careful of USB drives. Not only ones you may use but also limit the opportunity for someone else to place one on your computer and download private information or upload a virus or malware.
  • Think twice before you share your birthdate, address or your vacation plans on social media.
  • If you feel something is “off”, stop and do some maintenance. Change your passwords, check your anti-virus history and if necessary, consult with or take your computer/device to a trusted technology provider to do a full scan of your data both at rest and in motion.

A regular credit check or a subscription to an ongoing credit monitoring service is a good way of discovering any fraudulent credit accounts in your name. If you discover your personal information has been compromised and you are a victim of identity theft, visit for information from the Federal Trade Commission on how to report and recover. We live in a world of technological convenience and a seemingly unlimited ability to order up information, services, groceries and almost everything else. It is ultimately up to the individual to make sure his or her private financial and personal information remains off the menu.

Please remember that past performance may not be indicative of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by Altavista Wealth Management, Inc. (“Altavista”), or any non-investment related content, made reference to directly or indirectly in this newsletter will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this article serves as the receipt of, or as a substitute for, personalized investment advice from Altavista. To the extent that a reader has any questions regarding the applicability of any specific issue discussed above to his/her individual situation, he/she is encouraged to consult with the professional advisor of his/her choosing. Altavista is neither a law firm nor a certified public accounting firm and no portion of the article content should be construed as legal or accounting advice. A copy of Altavista’s current written disclosure Brochure discussing our advisory services and fees is available upon request.

Please Note: If you are an Altavista client, please remember to contact Altavista, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. Altavista shall continue to rely on the accuracy of information that you have provided.