Today much of our financial lives exist in cyber space, which means protecting your identity from hackers is now an important part of managing your money.
Our goal is to help people achieve their financial goals – and an important part of that is protecting their personal information and financial assets along the way. We know cybercrime is a top concern for just about everyone. After all, identity theft has become the fastest-growing crime in the United States, costing Americans nearly twice as much as property crimes.
That’s why one of the most common questions we’re asked is: How do we protect people’s personal information and financial assets? So, in this blog, we wanted to show how Advance Capital Management is committed to providing the resources needed to continually meet or exceed the highest standards to protect our clients’ information.
In-House Information Technology Team
Our protective measures start with a dedicated, full-time, experienced in-house Information Technology (IT) team to ensure cyber security standards are a focus every single day. This also allows us to adapt very quickly to new threats and challenges.
Advance Capital’s IT team is the winner of AT&T / DDI’s prestigious “Best Overall Network Security” Award for 2017, 2019, & 2020 (1st runner-up 2018).
Security Policies and Procedures
Here are some highlights of our security protocols, standards, policies & procedures:
- Multi-factor authentication requirements on all our systems, which research shows makes them 99.9% less likely to be compromised than those with passwords alone.
- Redundant systems that get our computer systems back up and running at full capacity in minutes or hours (not days/weeks) in the event of an outage.
- Daily vulnerability security monitoring to stay ahead of constant threats. Security patches are also deployed daily to protect against zero-day threats.
- Strict security requirements on all devices that access our systems including encryption, security updates, and virus-protection
- Use of DocuSign with the strictest security protection that requires proof of identity and not just a password.
We also continually update our cyber security policies and procedures – following the federal government’s NIST Cyber Security Framework – to ensure we’re exceeding the highest standards.
A Secure Custodian Holding Your Financial Assets
We also choose our vendors and partners carefully to ensure they are meeting the same high-quality standards as Advance Capital. We use TD Ameritrade as custodian and record keeper of your assets in part because they offer such stringent security measures and protocols. In addition to expected security features like firewalls and identity checks, they also have an asset protection guarantee that reimburses you in the event of unauthorized activity.
Any portfolio transactions, trading, withdrawals, or any other account changes will be executed only through your Advance Capital financial adviser and support staff. TD Ameritrade only has authorization to make any of the above transactions with our initiation. We've purposely deactivated the ability to make trades or withdrawals via TD Ameritrade’s website. We ask that clients call us to make sure that we can verify you are who you say that you are. Then, we can only send money to your address of record via check or into a bank account that you've previously authorized.
Companywide Staff Security Training
Ultimately, our protective measures are only as good as our weakest employee in terms of cybersecurity. That is why regular cybersecurity training for all our employees is mandatory. This ensures that every employee is aware of the latest threats and how to protect our clients against them.
What You Can Do
Lastly, we like to encourage people to act as their own cyber security force.
There's a few simple things that you can do that will greatly protect your information. One of them is making sure that you don't reuse your passwords, especially on important sites like your financial, email and social media accounts. That way, if somebody were to gain access to one of them, they wouldn’t have access to everything all at once.
Another step is implementing two-factor authentication or multifactor authentication. This is when you receive a code to log in to your accounts. This should be in place for all sites that you store personal information, especially email. Just think about all the personal things that you might have in your email folders. Also, if somebody gains access to your email account, they may be able to access your other accounts and reset the passwords.
While that may sound like a hassle, it really is not. When you set this up, your provider will know the device that you use all the time and your location. So, it would just be when you go to a new device or a new location that you have to put that in.
Finally, just always be cautious. Trust your intuition and ignore unsolicited emails or phone calls. Never click a link in an email you don’t recognize. If something doesn’t seem right, then it probably isn’t.
For more information, check out this video featuring Advance Capital’s chief information officer Tim Wilson and financial adviser Michael Hohf: