Michael Kitces #FinTech

How to make sure your firm's data is secure in the event of an outage

Don't wait for disaster to strike — be proactive in establishing a business continuity plan and protocols to secure your data

Jul 17, 2015 @ 11:29 am

By Gregory H. Friedman

With recent high-profile headlines of outages and technology breaches affecting giant corporations, advisers must remember the importance of business continuity planning.

Here are a few best practices to ensure that you have a comprehensive business continuity plan:

Regulatory: Ensure your business continuity plan is in line with regulations, is tested at least annually, and is documented in your policies and procedures.

Business disruption: Identify potential business interruption issues such as power outages, technology disruption, weather events, etc. Put in place detailed procedures that are documented to provide an action plan in case of these occurrences.

Key person risk: Identify the key personnel in your business who directly impact the operations and have a detailed back up plan, cross-training and contingency plans in place in case that key person or team becomes unavailable.

Technology: Identify and document back up plans you have in place such as redundancy, security and ability to restore key operational technology in case of an outage or disruption. Understand passwords and encryption, the location of all laptops and mobile devices, and have a documented plan in place.

Executive ownership: Ensure that all senior management is aware, understands and is involved in all aspects of business continuity planning.

(Related read: How a cloud backup helped one adviser's disaster-recovery planning)

These are just a few approaches to ensure that you and your business are protected in case of potential issues that can have a serious impact on your business.

These high profile cases are also great examples of the importance of working with key partners who can support you in this process at the highest levels. How secure is your data? Engaging with your technology vendors and requesting – in writing – their security policy can help ensure your business is covered in case of outage or disaster.

Here is a checklist of questions to ask your vendors:

Data security: Where is your data stored? How is it transmitted, encrypted and monitored?

Availability management: Is the infrastructure fully redundant including HVAC, conditioned uninterrupted power, suppression systems, enterprise-class routing equipment?

Certifications: Does your vendor adhere to information security and related certification and standards?

Network monitoring and protection: Are there dedicated firewalls, advanced web application firewalls, and load balancers?

Physical and environmental security: Who has physical access to the servers where your data is hosted? What security measures are in place at those facilities?

(More: The biggest cyberthreat to advisory firms: Employees)

Assessing the security of your data helps protect you, your firm and your clients from unforeseen circumstances. Don't wait for disaster to strike – be proactive in establishing a business continuity plan and protocols to secure your data.

Gregory H. Friedman is co-founder and president of Junxure, and founder and president of Private Ocean.

More from Greg Friedman: Why seamless technology integration isn't always so seamless


Do you have a plan for your data in case of an unexpected outage?

View comments

Recommended for you

Featured Research

The 2015 InvestmentNews Adviser Technology Study

This in-depth study provides a blueprint for the industry, providing actionable information to advisers, along with the latest solutions to help them drive profitability, efficiency and growth for their firm.

Featured video


The importance of a diverse team

Clients, advisers, and even communities are telling firms that yes, diversity within the advisory community is important.

Latest news & opinion

Private Ocean grows to $2.2 billion with acquisition of Mosaic Financial

Combined financial planning operation gives the firm an expanded footprint in the San Francisco area.

Joe Duran has a game plan, and anyone can play

The CEO of United Capital built a formula for holistic financial planning that any firm can tap into — for a price.

LPL video about private equity looks like a swipe at Cetera

Recruiting video warns about potential consequences for advisers when a PE firm buys a broker-dealer.

Ladenburg chairman Phillip Frost steps down

The SEC charged Frost with fraud earlier this month.

Envestnet Tamarac partners with Schwab, TD on digital account openings

Auto-filling documents designed to make onboarding more efficient for RIAs and more convenient for clients.


Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting investmentnews.com? It'll help us continue to serve you.

Yes, show me how to whitelist investmentnews.com

Ad blocker detected. Please whitelist us or give premium a try.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print