Matthew Sarrel, executive director of the Sarrel Group, addressed attendees at the Financial Planning Association's annual conference on Monday, stressing that no single line of defense was sufficient to block threats to advisors' sensitive data. Web-based "blended attacks," when hackers attack users, networks, operating systems and browsers, are increasing, he said.
"The bad guys are getting smarter. No one product can stop a threat," he suggested. To counter these multi-level threats, advisors need to implement "active protection," which uses software with behavior-based scanning on processes as they occur. Advisors need to use a combination of firewalls, including network and software firewalls, and anti-virus software. He cautioned advisors not to overlook physical security.
"If you can't secure an area," he warned, "don't leave data there. Store all data on the server, not on the workstation." He suggested advisors maintain a database of physical assets, including the manufacturer, model number and serial number.
Sarrel noted that in the past it was easy to see when a computer was infected with a virus. Not so today. "It used to be an ego thing," he told the audience. But now, "this is big business, and it's in their best interest for you not to know."