Cyber Security – Protecting Your Information

By Hamish McPhail, LL.B, GDipBus (Personal Financial Planning), CFPCM, Financial Adviser – Investments, Director of MFAS

You have likely heard in the media recently that listed Australian company Latitude has been hacked with over 14 million of its Australian and New Zealand customers exposed to data theft. I was one of those and a feeling of helplessness and vulnerability followed.

Here at MFAS we take your information security very seriously and have adopted several different steps to ensure the information we hold about you is as secure as we can possibly make it. 

Our steps range from using a firewall, adopting multifactor authentication (MFA), using a password manager, and subscribing to regular security monitoring and audit checks to ensure we have the best protection available against the ever-present menace that is cybercrime.

At the same time there are steps that you can take to protect data at your end.  Cert NZ have published a helpful 10 step guide for best cyber security (link below). Recognising there is no way to be perfectly safe, adoption of Cert best practice is a strong defence, noting that steps 1-3, 5-6 are most relevant to what you may need at home. 

Password control is critical and available managers such as LastPass are of great assistance here.  You should ensure each website you visit has a different password and these should be long and use a mix of upper and lower case, letters, numbers, and special characters.  Often thinking of a phrase rather than a single word makes this easier and these can be as silly (but complex) as you like.  While it can be time consuming and marginally frustrating using tools such as MFA and a passport manager, the harder for us to use our accounts, magnifies how hard access is for the cyber crooks.

These days we are required to provide identification information to almost any financial institution to satisfy Anti Money Laundering regulations. A matter often overlooked is that if you have emailed passport or drivers licence photos, remember to go into your sent box and delete. Poorly protected email systems are connected to the internet highway and often a first point of attack, so if not confident of inbuilt defence mechanisms, the less information that sits in your emails, the better.

Last as a consumer, remember you have the right to ask those businesses you interact with about their cybersecurity. A precise response will give confidence that in this challenging domain, your best interests are being looked after.

https://www.cert.govt.nz/assets/Uploads/documents/cert-nz-2022-critical-controls.pdf