Smartphone security should be the No. 1 priority for advisers accessing client data on the go

Hacking isn't just on desktops — mobile devices are the new battleground

Aug 5, 2015 @ 12:42 pm

By Alessandra Malito

As the shift to mobile transforms the financial services industry, advisers need to be aware of best-practice methods to ensure smartphone security.

Although data breaches and hacking into enterprise networks and desktop computers have been more publicized lately, advisers who use their smartphones to access client data are also highly at risk — and they may not even know it.

"I don't think people think so much about securing their phones as they should," said Steven Ryder, president of TrueNorth Networks, an IT consulting firm. "More and more people have them, so they are becoming more and more of a target for hackers.

"Security isn't convenient, to have to type a password in on your mobile device, but it is important to do," he added.

There were more than 1.3 million unique smartphone hacks from January to October 2014 — that's a fourfold increase from the year before — according to a Kaspersky Lab report cited in a CNBC article. These hacks were attributed to the fact that smartphone users are using their devices to transfer money.

A Juniper Research report found annual transactions of online, mobile and contactless payments will jump to $4.7 trillion by 2019, up from $2.5 trillion in 2014.

According to another Kaspersky survey, 31% of the smartphones and 41% of the tablets used by respondents are not even PIN- or password-protected. Of those who responded, 28% are not aware of the existence of cyberthreats targeting mobiles, and 26% of those surveyed said they were aware but didn't worry about it.

Even if advisers don't jump on the mobile bandwagon immediately, they still need to be aware that the threat is real. There are a number of ways that advisers can stay safe when using their phones.

For one, Lorraine Ell, president and director of training at Excellat Consulting, a technology firm for advisers, said that it is imperative to be aware of which WiFi connection mobile devices are connecting to whenever an adviser is outside of the office.

"You never really know what WiFi service your phone is accessing," Ms. Ell said. "When you're outside of your office, I recommend you do not tap into a database of clients that may contain sensitive information using your cellphone."

She noted that there is a difference between what types of data advisers are trying to view — if it's just addresses and phone numbers, that's fine, but anything containing Social Security, credit card or bank account numbers could become problematic.

Advisers should also be considering what apps they are installing, and what data these apps are accessing or tracking. Similar to how third-party vendors may have access to adviser information, so too can apps.

“Be aware of who you are giving your information too, just like on any social media site,” said Carlos Simoes, chief technology officer of CircleBlack, a portfolio-analysis program for advisers.

Then there's the simplest — but perhaps most overlooked — of security strategies: having a password, or at least a four-digit PIN, to enable phone access. Mr. Ryder said that advisers can go a step farther by encrypting their phones.

Joel Bruckenstein, co-founder of Technology Tools for Today, an annual financial services technology conference, said that advisers should be proactive and set up a phone or tablet to take advantage of technology available to help in the event that it is lost or stolen.

"Just be aware that a lot of these devices get stolen," Mr. Bruckenstein said.

His suggestion is to use Apple's or Google's services to find a lost phone, or one that lets an adviser remotely lock the missing device or wipe out all information stored on it.

"If there's anything at all on there that has confidential data, when in doubt, just push that button," he said.


What do you think?

View comments

Recommended for you

Upcoming Event

Oct 23


Women Adviser Summit - San Francisco

The InvestmentNews Women Adviser Summit, a one-day workshop now held in four cities due to popular demand, is uniquely designed for the sophisticated female adviser who wants to take her personal and professional self to the next level.... Learn more

Featured video


What's behind the TCA, ETrade deal?

Deputy editor Bob Hordt talks with senior columnist Jeff Benjamin about what each party in the recent acquisition stands to gain by joining forces.

Latest news & opinion

As DOL fiduciary rule dies, variable annuities come alive — sales up for first time since 2014

Indexed annuity sales also broke their previous quarterly sales record.

Cambridge Investment Research bags mid-sized broker-dealer

Broker Dealer Financial Services, an IBD with 150 reps and advisers, and $3.5 billion in assets, will become a Cambridge OSJ.

HighTower on prowl for new CEO, Weissbluth to become chairman

Move is latest in Chicago-based RIA consolidator's effort to expand senior leadership team.

What's in a name? For TCA by ETrade, everything

Trust Company of America is gone, and there's big buzz over the name change. But turning the custodian into an industry powerhouse will take a lot longer — if it happens at all.

As Ameriprise case shows, firms on hook when brokers go bad ​

The SEC will collect $4.5 million from the brokerage firm for failing to supervise brokers who were ripping off clients.


Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting It'll help us continue to serve you.

Yes, show me how to whitelist

Ad blocker detected. Please whitelist us or give premium a try.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print