By Advisor, Compliance Director Bobby Adusumilli, CFA.

We also want to emphasize some best practices that can help us work together on this:

• MULTI-FACTOR AUTHENTICATION

  Using an additional login layer, like an authentication app, PIN, email, or text message, greatly reduces the risk of your data being compromised.

• SHARING INFORMATION SECURELY

  Sending sensitive information via email can expose your data to hackers. To share it more securely, use a trusted document-sharing portal (like MySJS Portal), password-protect the file, encrypt the email, or consider mailing physical documents.

• SKEPTICAL OF REQUESTS FOR SENSITIVE INFORMATION

  Our rule is that all information requests are considered illegitimate unless proven otherwise. Also, for one-time requests to withdraw money, SJS requires verbal confirmation.

• AVOID PUBLIC COMPUTERS AND WI-FI

  Public computers and Wi-Fi are common ways hackers access personal information. When security is a concern, using a personal Wi-Fi hotspot from your cell phone is a safer alternative.

• STORING YOUR PERSONAL INFORMATION IN SAFE PLACES

  Store personal information securely, whether digital or physical, and share it only with trusted people and services. Use secure online password storage, password-protected files, or a safe-deposit box in a hidden location.

• CHECK YOUR CREDIT REPORTS AND FREEZE YOUR CREDIT

  The three major credit bureaus—Equifax, Experian, and TransUnion—offer free annual credit report checks. To protect your information, consider freezing your credit with each bureau and only unfreezing it when needed.

• WHEN IN DOUBT, MEET IN PERSON

  Despite the many communication technologies available, in-person interactions are often the most effective and secure way to get work done.

We’re always happy to meet with you to discuss ways to better protect your information. Contact your advisor today!

Important Disclosure Information:
Statements contained in this article that are not statements of historical fact are intended to be and are forward looking statements. Forward looking statements include expressed expectations of future events and the assumptions on which the expressed expectations are based. All forward looking statements are inherently uncertain as they are based on various expectations and assumptions concerning future events and they are subject to numerous known and unknown risks and uncertainties which could cause actual events or results to differ materially from those projected.

Advisory services are provided by SJS Investment Services, a registered investment advisor (RIA) with the SEC. Registration does not imply a certain level of skill or training. SJS Investment Services does not provide legal or tax advice. Please consult your legal or tax professionals for specific advice.

By Investment / Compliance Associate Bobby Adusumilli, CFA.

While the returns of your investment portfolio are important, so are your personal information and assets. With technology advancements in recent years, protecting your information is becoming as important as ever. We have been updating our practices and policies to ensure that your information and assets remain secure. We also want to emphasize some best practices that can help us work together to ensure your information and assets remain safe:

• Multi-Factor Authentication: When logging into various websites and programs, having at least one additional login layer - such as a pin number, email, text message, and / or authentication app - can significantly decrease the chances of your data getting compromised. In light of this, we recently made the decision to require multi-factor authentication for all MySJS Portals. While this adds an extra step for people logging in to their MySJS Portals, we believe this will help protect sensitive client information.

• Sharing Information Securely: Simply sending an email with sensitive information is one of the easiest ways for hackers to access your data. Other ways to share your information more securely include using a trusted document-sharing portal (such as your MySJS Portal), password-protecting the relevant file, encrypting the email, and (old-school) mailing the relevant documents.

• Skeptical Of Requests For Sensitive Information: Scammers are coming up with increasingly clever ways to ask for your information, such as sending convincing emails as well as phone calls pretending to be someone else (today, scammers can call from a phone number that you think is legitimate as well as use a voice software to sound like someone else). At SJS, our general rule of thumb is that all requests for information are illegitimate until proven otherwise. Additionally, when we receive a one-off email to withdraw money from your account, SJS requires you to call us to provide verbal authorization for the withdrawal request.

• Storing Your Personal Information In Safe Places: For both physical and digital information, it is important to store your personal information in safe places, and to only share this information with people you trust. For example, you can use a password-protected file, a secure online password storage service, or a safe-deposit box kept in a hidden location. We recently ordered waterproof and fire-resistant envelopes that people can store their documents in - if you would like one, please let us know.

• Avoid Public Computers & Wi-Fi: Public computers and Wi-Fi are relatively easy ways that hackers can access your personal information. Using personal Wi-Fi hotspots from your phone can limit the need to use public computers and Wi-Fi.

• When In Doubt, Meet In-Person: Even with all of the different technologies and ways to communicate with each other, many times the best way to get work done both effectively and securely is in-person. Our favorite parts of our days are meeting with our clients face-to-face.

As always, we are here to help, and we are glad to meet with you to discuss how you can better keep your information secure!

Important Disclosure Information:

Statements contained in this article that are not statements of historical fact are intended to be and are forward looking statements. Forward looking statements include expressed expectations of future events and the assumptions on which the expressed expectations are based. All forward looking statements are inherently uncertain as they are based on various expectations and assumptions concerning future events and they are subject to numerous known and unknown risks and uncertainties which could cause actual events or results to differ materially from those projected.

Advisory services are provided by SJS Investment Services, a registered investment advisor (RIA) with the SEC. Registration does not imply a certain level of skill or training. SJS Investment Services does not provide legal or tax advice. Please consult your legal or tax professionals for specific advice.

Suggested Reading

How Are Your Assets Protected From Cyber Attack?

By SJS Managing Director Jennifer Smiljanich

If I asked you the question: How have computers, mobile devices, and the Internet benefited you in your life, you probably would have no trouble answering. These tools have become such a part of everything we do, that we often take them all for granted. The fact is – technology has completely upended how we view the world, how we share information, how we do business, and how we communicate.

There is, however, an undesirable side to the technology revolution that seems to reveal its depths daily. The alter ego to the Internet’s free-flow of information is the creature called “cybercrime.” And as long as we are wired together, the network we all enjoy will include the criminal element from around the globe.

Case in point, the Internal Revenue Service announced on March 26, 2015, that a Russian crime syndicate fraudulently filed more than 100,000 tax returns after obtaining personal information (including social security numbers) from other sources. With the stolen personal information, these cyber-crooks filed false tax returns, requesting more than $50 million of refunds be sent to bogus bank accounts. While the IRS will pay for credit report monitoring for the victims, there’s a whole lot of explaining to do to Congress and to the American taxpayers. How did this happen?

At SJS, we know that cybercrime is becoming more prevalent, and we recognize that no business is immune. We are aware that client accounts may be targeted, and email fraud can be a real threat.

Cybercrime is Common

According to a Securities and Exchange Commission report from February of 2015, 74% of Registered Investment Advisors like us reported they have experienced cyber-attacks, primarily involving malware and fraudulent emails. Our core value of “Continuous Improvement” comes into play as we work vigilantly to keep up with an ever-changing landscape. 

Our custodians, including Schwab Institutional and TD Ameritrade, are deeply committed to safeguarding client assets. Both custodial web sites use advanced encryption technology, including 128-bit Secure Sockets Layer (SSL3) encryption. This allows us and you to communicate and share information more safely with them. Both custodians also maintain advanced firewalls, which separate public web servers from the servers that contain account holders’ personal data, to keep unauthorized parties from accessing your personal information. Additional measures, including security certificates, token technology, anomaly detection, and restricting access to client information further help to protect the privacy of your information.

There are several other steps you can take to help protect your personal, private information:

• Make sure that SJS has updated contact information for you, especially email and telephone numbers – including an emergency contact, if you so desire.

• Update your computer’s operating system and browser.

• Activate your computer’s firewall.

• Install antivirus and anti-spyware software.

• Be cautious using public computers.

• Use wireless networks you trust.

• Don’t use sensitive information in your log-in ID or password, and especially avoid using your social security number and date of birth.

• Create a unique password and change it at least every six months, and DON’T share it with others.

• Never respond to an email that asks for your account number, user ID, PIN, password, or other personal information, even if it appears to be from a source you trust or recognize.

So the next time we ask you to provide a verbal confirmation before we act on an email request, know that we require this extra step with your best interests in mind. Our goal is to make sure any attempted fraud is unsuccessful. It’s important to be aware and prepared, but we are hopeful this information will reassure you, not raise additional concerns.

If you want to learn more about our privacy and security policies, or those of the custodians we use, please ask us. In the meantime, we’ll continue doing our best to safeguard your information, leaving technology a true enhancement to our lives.

Suggested Reading