InvestmentNews Editorials

Have protocols in place to secure access to client data

When it comes to the client data for which you're responsible, protecting clients' privacy and finances must come first

Jan 11, 2015 @ 12:01 am

News that a Morgan Stanley broker allegedly stole data on 350,000 clients and that information for 900 of them made it online was a jolt for many about the reality that cyberthreats don't come only from strangers in the cloud.

The person sitting at the next desk can dump files onto a flash drive or access accounts online just as easily — if not more easily — than outsiders.

It's not natural to distrust the people you hire, work with and speak to about their families every day. But when it comes to the client data for which you're responsible, protecting clients' privacy and finances must come first.

It's OK to trust, but it's critical to verify.

Wherever personal financial gain at the expense of others is possible, checks, rechecks and more redundant checks are required. And big firms aren't the only ones that need to be on top of data security.


Fortunately, Morgan Stanley spotted the theft early. As InvestmentNews' Liz Skinner reported last week, broker-dealers and custodians typically subscribe to cyber-security services that monitor postings, but mom-and-pop adviser shops often don't have the resources to do that. How can they avoid internal breaches in the first place?

Experts recommend instituting an information-security plan that houses client data in a secure place and tightly restricts who can access it. Think of it as security clearances and sharing on a need-to-know basis.

Even if you've worked with colleagues for decades and would trust them with your life, it does not mean the virtuous among us can't make mistakes.

What if Jane takes a laptop home and misplaces it at the post office along the way? Or Bob uses a public hot spot at his local coffee shop to access client accounts he's working on? They may have good intentions, but those around them might not.

In any case, having protocols in place to secure access to and usage of client data and company equipment is a key step in protecting the very business you've worked so hard to build.


What do you think?

View comments

Most watched


How advisers can be a gamechanger for women investors

Why women defer to men when it comes to finances and how advisers can combat this phenomenon and make a difference for female investors, according to Heather Ettinger, founder and CEO Luma Wealth Advisors.


How the 2020 elections could impact ESG investing

Joseph Keefe, president of Impax Asset Management, on the elections and how advisers can build a bridge to the next generation of clients with ESG investing.

Latest news & opinion

Schorsch, AR Capital to pay $60 million to settle SEC charges

The former REIT czar and his firm wrongfully obtained millions linked to REIT mergers.

CFP Board postpones enforcement of its revised fiduciary standard

Board's new Code of Ethics and Standards to be enforced next June, in line with the SEC's Reg BI

Charles Schwab reportedly in talks to buy USAA brokerage, wealth management business

The deal would net Schwab roughly $100 billion in new assets.

Advisers scramble to help retirees navigate looming Fed rate cut

The Fed's first interest-rate cut in a decade has advisers warning against chasing the bait of risk over safety.


Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting It'll help us continue to serve you.

Yes, show me how to whitelist

Ad blocker detected. Please whitelist us or give premium a try.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print