In a world of increasing cybersecurity risks, keeping good digital hygiene should be a matter of routine.
In an era when billions of people are affected by data breach and a growing number are seeing their personal information and passwords compromised, it's essential to be proactive about managing your digital security. As the cyber threat landscape intensifies, people are increasingly worried about the security of their financial accounts, according to Rachel Wilson, head of cybersecurity for Morgan Stanley Wealth Management.
“You brush your teeth in the morning and at night. We have to be treating our cybersecurity the same way,” she says. Taking even basic precautions can make you a much more difficult target to hack. “If you make life too hard on the hackers, they will move on and focus on someone else.”
While your financial institution can take great care to help you secure your data, it takes a partnership—where you also take an active role in helping to keep your information safe from cybercriminals. Following these five cyber hygiene habits can help you to stay one step ahead of bad actors.
When you see a notification that your operating system or an application is ready to update, don't ignore it. “Hacking into a fully patched device, operating system or browser is very challenging,” Wilson explains. “Where the hackers have the advantage is when people are using out-of-date software, when they're using unpatched operating systems.”
Regardless of what operating system you use, keeping it updated is key to protecting your personal information.
Nearly one third (29%) of hacking-related breaches took advantage of stolen passwords.1 If you use the same password on every website and app, a breach at just one website could put all of your other logins at risk. Seeing as 71% of breaches were financially motivated,1 you should be especially cautious about using unique passwords for your banking and investment accounts.
Between financial, communication, business and social media accounts, you could have dozens of logins to manage. Especially when considering the need for strong passwords (unique, lengthy and complex), remembering all of those passwords is nearly impossible. That's where password managers come in.
A password manager is an app that stores all of your usernames and passwords in an encrypted state. It will also auto-generate strong passwords for your accounts and auto-fill your login fields. Save each unique combination there and you'll need to remember just one password, which can be further protected through multi-factor authentication, to log in and access your other passwords. That way, if one of your account’s passwords is compromised, you don’t have to change other passwords you have.
If your password does fall into the wrong hands, there's still another wall that can keep criminals out. When multi-factor authentication (MFA) is enabled, you need to provide something other than your username and password to confirm your identity and access your account. This additional factor of authentication could be a fingerprint, a registered trusted device, a one-time passcode or a security key.
Tricking you into clicking a bad link or downloading an infected attachment in email is one of the most common routes for hackers to gain access to a computer. And once hackers have access to your system, they can steal your data, try to access your accounts and even use your personal or business contacts to perpetuate their scam.
Vishing is a similar scheme conducted by phone, and SMiShing happens over text message. Whatever form the scam takes, remember that messages from unknown people should be a red flag. Never give out your information unless you are confident about who is on the other end.
A recent Morgan Stanley Investor Pulse Poll found that 82% of high net worth investors consider online access to account information important, if not essential.2 But at the same time, 43% expressed a lack of confidence in the safety of their online accounts.2
Before working with a financial institution, it’s essential to make sure key safeguards are available to you as a client. Those include MFA to verify your identity and protect your accounts, as well as advanced alerts and notifications, fraud detection and other digital tools to empower you as a partner in digital security.
Wilson notes that many independent financial advisors and smaller wealth management shops may not have the Information Technology departments, let alone the cybersecurity expertise, needed to properly safeguard client assets and data to the fullest extent possible. “We take cybersecurity incredibly seriously and are able to devote significant resources to the protection of Morgan Stanley and our clients,” Wilson says.
Knowing about weaknesses of out-of-date software, how password managers work and using multi-factor authentication are just some of the steps you should take to improve your cybersecurity. Also, work with the tools you get from your financial services firm to help you prevent identity theft and fraud.
Head to the Morgan Stanley Online Security Center to find out more about how to protect yourself and your family from digital threats.