A Policy Manual for Data Security

2 Comments

I recently got a mortgage and it was surprising how much information a total stranger was asking for—and I had to give them this information. I, of course, checked out the firm with various associations to ensure it was legitimate. But through this experience I realized how clients must feel about advisers having so much personal information on their family. Additionally, expectations that an adviser will keep that information secure is assumed to be perfect. With this level of expectation, documenting will go a long way to managing security. Much like other policies and procedures manuals and checklists, security should follow the same pattern.  Unfortunately there is no one single format that works for all firms, but here are some items to consider when creating such a document.

  • Risk analysis
  • Staff member roles
  • Physical security
  • Electronic communication (email/Smart phones)
  • Blogs and personal websites
  • Facility design, construction and operations
  • Media and documentation
  • Data and software security
  • Network security
  • Internet and IT contingency planning
  • Outsourced services
  • Employee termination procedures (IDs, passwords, expense accounts, remote access, etc.)
  • Incident reporting procedures
  • Access control guidelines
  • Security compliance checklists

It seems like a lot, but addressing each one of these items will help in building a manual that will grow over time. Additionally, sharing this level of information with clients about how you are keeping their information safe can differentiate your practice.

Ash Bhatnagar, CFP®
President
RIA Independence Co.
Princeton, N.J.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 198 other followers