In an era of mobile devices, working remotely and Cloud computing, the modern way of working means data security is increasingly crucial. One wrong move could ultimately bring down a company if sensitive data gets into the wrong hands.
It is easy to be derisory of the security lapses committed by others. Briefcases or laptops left on the commute home for example, or that conversation last year on the 16.43 Chichester to London Victoria revealing all the comings and goings of an imminent Cabinet reshuffle.
It is also easy to think we are immune from being taken in by email scams promising untold riches and lottery windfalls, which can be accessed simply by sending over all your personal details in one handy message.
But for advisers and their clients, the issue is no laughing matter. Scammers are becomingly more and more sophisticated, using genuine correspondence to dupe their victims, be they clients thinking they are talking to their adviser, or advisers thinking they are carrying out client instructions.
Last year Standard Life clients were targeted by criminal gangs hacking client email accounts, and earlier this month the provider warned advisers could be liable for losses incurred from falling prey to these kind of scams.
The challenge is not just about preventing breaches of the Data Protection Act leading to possible identity theft, serious as these issues are. The sophistication of the scams means the issue is not just one of data loss, but that the interception of email is a very real threat.
This is particularly true for advisers and financial services firms more generally, who are dealing with sensitive client information on a day-to-day basis. Research carried out on behalf of Money Marketing suggests a significant numbers of firms are using non-secure email addresses such as Gmail and BT Connect to transact and communicate, with experts concerned this could lead to disastrous consequences for all parties.
The FSA first warned against the use of webmail in 2011, but this was mentioned only in passing as part of a wider project into tackling financial crime. It followed earlier work on data security in financial services in 2008, but it seems since the FCA’s inception the regulator has been quiet on the subject. The section on data security on the FCA’s website all refers back to work carried out by its predecessor.
Advisers need to be alive to the risks they are exposing themselves to by using webmail. What seems like a convenient solution in the short-term may end up costing firms business in the long run, or in the worse case scenario, costing clients their life savings.
Natalie Holt is editor of Money Marketing – follow her on Twitter here