Dual factor authentication (DFA) is a security protocol that requires Los Angeles investment advisors to provide two ways of identifying themselves to access information or assets.
It uses two of the three potential authentication categories listed below to make a system harder to crack.
- Knowledge: something an authorized user has memorized, such as a password or PIN
- Ownership: something a user possesses, such as a plastic card
- Inherence: something integral to the user themselves, such as a fingerprint
With the financial services industry, dual factor authentication can make cyber-thieves a lot less of a threat, as a password alone is not sufficient for data access. Each added authentication layer makes a system more impenetrable.
Tips for Solid Dual Factor Authentication
- Implement an alert system - RIAs and their clients need to know when unauthorized access attempts are made on their accounts. Alert systems can notify account holders via email, SMS, or automated phone call if a human or robot intruder makes multiple failed attempts.
- Keep the system up to date - A disturbing number of companies set up a two-factor authentication system and leave it, thinking that it will keep out cyber-thieves indefinitely. Because criminals are always working to break through security buffers, Los Angeles investment firms with DFA in place need to upgrade and patch their systems as vulnerabilities come to light.
- Keep employee computer systems virus-free - Breaches are sometimes made using an infected employee computer. Hackers use malware hidden in browsers to bypass two-factor authentication. After the employee logs into their own or a customer account, the malware alters account data. Investment firms should regularly inspect company computers and keep their security software up to date.
- Protect RIA personal devices with DFA - Unsecured smartphones, tablets, and laptops are as risky as they are convenient. All personal devices used to access company information should be registered and require two-factor authentication to log in. If the item is stolen, IT administrators can cut off access to firm resources by deleting its unique codes.
With online crimes on the rise, Los Angeles investment advisors must not be complacent by believing that their current security setup is sufficient or that two-factor authentication is too cumbersome and expensive to embrace. If a breach convinces them otherwise, it is already too late.
Does your firm use dual factor authentication to protect sensitive data? Let us know your thoughts in the Comments box below.
And to follow-through on the tips introduced in this short article, be sure to download your free guide, Investing in High Net Worth Clients: The LA Investment Advisor's Guide to Using Technology to Manage and Grow Your Firm.