A “shocking” number of family offices send confidential information via email, according to a family wealth IT expert, as new research outlines how family offices can protect themselves from cyber attacks.
Internet security for family offices: 10 steps to protect online information, a white paper published by software company Archway Technology Partners and family office intranet provider Trusted Family, released this month, says the majority of family offices lack the specialist IT security needed to prevent cyber attacks.
Family offices have a whole host of sensitive data that could be valuable to hackers, including financial statements, internal documents and communications with clients or advisers.
The paper recommends family offices consider security as an ongoing rather than a one-off process.
Edouard Thijssen, co-founder of Trusted Family, said most family offices were unaware of the dangers posed online and a shocking number still send confidential information via email.
The best way to transmit confidential data, according to Thijssen, is through a secure client portal – a centralised database that is accessible through a web browser and uses the same security system found in online banking.
Thijssen has seen a number of direct attacks during his time as a family business adviser, with cases of identity and data theft, social engineering, and extortion featuring highly on the list.
Most family offices tend to only think about security after a cyber attack has been detected, Thijssen added.
Perhaps the most concerning aspect of cyber attacks on family offices, according to the whitepaper, is that hackers will often target home computers and use them as a conduits to break into other machines in the family office.
Often these attacks exploit human weaknesses, which is why staff and family member education on security is so important, Thijssen explains.
The white paper was based on a recent webinar by Thijssen and Dennis Mangalindan, Archway’s vice president of sales & marketing.
“Family offices are, like any other type of organisation, subject to mass attacks that run automatically on the internet. They are not targeted because they are a family office, but because they are connected to the internet.”
"Today’s biggest threats occur unknowingly as we can easily pick up stealthy viruses and malware while using the internet; they function like sleeper agents, scanning networks for prey once they are activated,” according to the duo.
The white paper’s top 10 tips for protecting family offices:
1. Hire a trustworthy IT administrator
2. Map out data traffic and identify elements to secure
3. Set up a secure wireless network and limit access
4. Encrypt devices
5. Secure data in transit with Virtual Private Networks (VPN) and Secure Sockets Layer (SSL)
6. Make it easy for employees to participate
7. Establish best practices
8. Plan for accidents or breaches
9. Create a clear process for granting and removing access to company information
10. Develop an employee handbook