Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
Brokerage firms nervous about sloppy security practices
MADISON (6/9/14)--Advanced technology can improve online security but it can't overcome carelessness on the part of financial professionals, and Wall Street brokerage firms are nervous about the potential consequences.

Practices such as taping sensitive passwords to computer monitors and storing them in binders labeled "passwords" compromise the technological advances made in recent years, according to officials from the Financial Industry Regulatory Authority (FINRA), Wall Street's industry-funded watchdog ( Reuters June 6).
 
Some firms give login information to temporary workers then neglect to cancel their access when the workers move on. Examiners traded anecdotes about how careless brokerage employees were at a recent FINRA conference.
 
The problems are being highlighted as major online security breaches in other industries are giving Wall Street reason to think twice about online security standards.
 
Security breaches could trigger privacy law violations and trouble with financial regulators, which have noted a spate of breaches in other sectors and companies, including eBay Inc., Target Corp, Neiman Marcus Group LLC and other retailers.
 
FINRA and the U.S. Securities and Exchange Commission are looking into measures that brokerages and asset managers have put in place to safeguard against cyber attacks. On June 3, the top Massachusetts securities regulator announced cyberaudits of state-registered financial advisers.
 
The increased focus on cybersecurity is causing some firms, especially smaller ones, to step up prevention measures, said Joseph Rivela, chief strategist for Breach Intelligence LLC, a Farmington, Conn., information security firm. Many smaller firms lag their large counterparts in terms of security policies and procedures, Rivela said.
 
But even employees at large firms are vulnerable. For example, scam artists sometimes pose as customers and make wire transfer requests. FINRA has disciplined sales assistants who transferred funds without first verifying those requests with the actual customers.

Scam artists also send "phishing" emails that appear to be from customers and ask for personal data. Another scenario involves fake wireless hot spots that scam artists set up in public spaces to invade firms' systems.
 
Educating employees about scams is a critical first step, said Rocco Grillo, who heads a global information security unit at Protiviti, a division of California-based Robert Half.


RSS





print
News Now LiveWire
Which Children's Miracle Network Hospital is the winner of @CUDirect's 20 for 20 grand prize? Find out Tuesday.
4 hours ago
Gas prices have fallen for a record 88 days in a row says @AAAnews via @washingtonpost http://t.co/c52VTdqHEB
7 hours ago
.@TheNCUA releases regulatory modernization initiative results (PDF link) http://t.co/pgLZe4aget
7 hours ago
#FinCEN seeks nominations of FIs, trade groups for membership on Bank Secrecy Act advisory group http://t.co/l5w58c277W
8 hours ago
MI pediatric dentist pledges $20K match to Hurley Children's Hospital if it wins @CUDirect's 20 for 20 http://t.co/Eq2nIPm6jo
9 hours ago