Best Practices for Data Security

Best Practices for Data Security

January 01, 2021

One of my all-time favorite movies is Mel Brooks’ classic 1980’s Star Wars inspired spoof: “Spaceballs.” Other than being hilarious,
it can teach us some life lessons. For example, never underestimate the power of the Schwartz, buckle your seat belt before going
to ludicrous speed and absolutely do not hit the self-destruct button unless you really, REALLY mean it. And of course, when it
comes to security, do not use the password combination 1, 2, 3, 4, 5.

All joking aside, data security is a one-way street in this day and age – you either have it or you don’t. Also, with increasingly sophisticated bad actors, it is essential that you take steps to stop them in their tracks. Below are some data security best practices that can provide front-line protection:

  • Establish Two-factor Authentication: two-factor authentication on sensitive login’s such as credit cards, bank accounts and investment accounts would prompt you to enter a code (received via text, phone call or email) in order to
    access the account.

  • Update passwords regularly: update at least every 3 – 6 months. Consider using unique passwords for each login and
    always use strong passwords (if you are using the password 1, 2, 3, 4, 5 make sure you change it!).

  • Store passwords securely: do not store passwords on a piece of paper, on a PC desktop or on a phone drive. If you
    cannot remember them, consider using a secure online password manager.

  •  Always send sensitive information securely: send sensitive information using an encryption service. if an encryption
    service is not available, consider mail, overnight delivery or simply in-person delivery.

  • Obtain an IRS protection PIN (IP PIN): tax return fraud is becoming more prevalent, and an IP PIN will be used to verify your identify when filing your federal tax return. An IP PIN is valid for the current tax year and each year you should be provided with a new PIN.

  • Do not respond to an unsolicited request for sensitive personal information: you will not receive an unsolicited call
    from an organization such as the social security administration or the IRS. If you do receive an unsolicited call, do not
    provide any information.

  • Keep contact information up to date: do not delay in updating your contact information if your address, email address
    or phone number changes. If your contact information is not current, it may be difficult for your financial institution to
    alert you of suspected fraud.

  • Be vigilant for phishing attacks: do not click on suspicious links or open suspicious emails or messages. If you are unsure, always proceed with caution.

As always, please reach out to your trusted advisor with any questions