Cyber Security for Advisors & Brokers: SSL Certificates 101
Cyber security is a growing issue that professional service industries need to be aware of. With cyber fraud and cyber crime running more rampant than ever, it is critical to make sure your website is secure.
According to the U.S Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations, about 74% of broker-dealers and investment advisers have experienced cyber security breaches or had gaps in their cyber defenses. Terrifying, right?
That is where SSL Certificates come in.
SSL Certificates 101
Some website url addresses start with http:// while others start with https://
Notice the "s"? That “s” implies the connection to a particular website is highly secure and encrypted. In other words: any data you are entering into that website is safely shared only with that website and layered with extra security so others cannot access the data.
The acronym SSL stands for “Secure Sockets Layer.” You will typically find an SSL certificate on any website you are required to give over valuable or sensitive information. Think about your banking website, where you pay bills online, or where you make purchases online, etc.
The best way to explain SSL is to describe it as standard security technology for establishing a safe link between you and the website you are accessing — or simply stated, between a web server and your browser. The most important function this “s” serves is an added layer of protection between the server and the browser to ensure that all of the data exchanged is kept private, or secure, by the host site.
Visiting a website, or making sure your website is SSL-certified is the first step to securing a safe, trustworthy connection for you and your clients.
Why Does an SSL Certificate Matter for Your Cyber Security?
To best understand how that extra “s” can make a difference, let us think about what life is like without the “s”. Anytime you are on a website that does not have that extra “s” and you are entering information, there is a possibility that a hacker can gain access to the information you entered on that site. One of the strategies that hackers will use to get information out of a HTTP address is called man-in-the-middle strategy.
With an SSL certificate, a hacker is unable to access this information. How? By adding an SSL, the communication between a client's computer and your protected website is scrambled and encrypted. In other words, by creating a SSL-certified website, you are guaranteeing an extra layer of security for you and for your clients.
Consider Internet Security Threats
Cyber theft and cyber fraud is the fastest-growing crime in the United States, and according to a 2016 study, only about 29% of financial advisors thought themselves to be “fully prepared” to manage and mitigate cyber security risks. More than that, financial advisor platforms are at a higher risk for cyber criminals because of the sheer volume of personal information stored. Think about it names, bank account details, social security numbers, etc. — it is a hacker’s jackpot!
If you are a financial advisor or broker and you do not have an SSL certificate, you could be running serious risks for both your company and clients. For example, if your financial business information gets hacked, or you compromise private information to cyber thieves, you can expect a loss in reputation, clients, and more. When this type of data breach happens, by law, a company must disclose the breach to individuals and/or companies that could have been affected by the hack.
Besides the public embarrassment and distrust that arises from a security breach, there is also the chance for potential lawsuits from clients or higher-level officials for not keeping their information protected and secured.
Your E&O insurance covers some of the claims around technology and software errors, but without a baseline of website security — you'll look negligent. Plain and simple.
How To Install Your SSL Certificate?
If you do not collect sensitive information via your website, and instead your website serves as a "business card" to advertise your services, contact information, and blog articles — and no client information is stored — then the need for a top security SSL isn’t so demanding. There is a baseline SSL certificate that small businesses should install on their website.
There are a couple of options to become SSL-certified: you can either pay to have someone set it up for you and renew annually, or you can install it on your own. The extra peace of mind will pay off and benefit your business in the long run.
Ready to make your website secure? Email us today for a quote > info@theWMG.com
Wealth Marketing Group