2. IP Sentinel – watching over your intellectual property
ACT NOW
You are responsible for some of the most valuable data in the world. That of your clients’.
It is imperative that you know how to process, protect and manage that information.
The penalties for not doing so can run into the millions and ruin the reputation of your business.
The Financial Conduct Authority (‘FCA’), The Information Commissioner and your PI Insurer all have
requirements you have to meet.
Do you know what your responsibilities are?
Do you understand the threats to the information you hold?
Do you know how to protect yourself?
info@ip-sentinel.com
http://ip-sentinel.com
3. IP Sentinel – watching over your intellectual property
What is Information?
As an adviser you have ‘Identifying Data’ for each and every one of your clients
•
Name, address, email, contact telephone
You also have so much more due to AML & KYC requirements
•
Copies of passport, driving licence, utility bill, bank statements
You could have even more that that
•
Bank account details, investment histories, insurance policy details
This information is valuable to your clients
Your servers probably hold enough information for criminals to steal the identity of every one of your
clients
info@ip-sentinel.com
http://ip-sentinel.com
4. IP Sentinel – watching over your intellectual property
You are responsible for client information
The Financial Conduct Authority
•
•
•
FCA Principle 2
FCA Principle 3
Rule 3.2.6R in the Senior Management Arrangements, Systems and Controls sourcebook
(SYSC)
The Information Commissioner
•
Data Protection Act 1998 and 2003
The PI Insurer
•
Whilst you may have cover in place for a limited third party loss relating to cyber security, it is
unlikely that your existing cover will reinstate any losses to your own business
info@ip-sentinel.com
http://ip-sentinel.com
5. IP Sentinel – watching over your intellectual property
How do you process information?
To manage your client accounts and information
•
•
•
•
Do you have a manual process that is largely paper based?
Or is your process largely email, spreadsheets and word documents?
Or an Intranet workflow integrated with an online Customer Relationship Management (CRM) system
Or a Vendor provided Practice management solution?
Most probably part of your process is outsourced to a vendor or service provider, maybe as part of a
network arrangement.
Would you know if information had gone missing?
What would you do if you discovered that it had?
info@ip-sentinel.com
http://ip-sentinel.com
6. IP Sentinel – watching over your intellectual property
Where do you keep information?
Your clients have given you their information. Do you know where that information is
now?
• On your laptop/PC
• Or in hard copy in a locked filing cabinet in
your office
• Or stored in a document archive offsite
• Or stored as an attachment in your email
•
•
•
•
•
Or saved as a spreadsheet on a file server
Or in a vendor supplied application
Or in the “cloud”
Or hosted on a vendor service
Or on a 3rd party backup service
Probably a little of all of the above
info@ip-sentinel.com
http://ip-sentinel.com
7. IP Sentinel – watching over your intellectual property
How do you protect information?
•
Who should and who actually does have access to
client information?
•
Do you trust them? Does their employment contract
cover their responsibilities?
•
•
•
Who is responsible for Data Protection?
Who is responsible for dealing with a Data loss? Hack
attack? Computer crash?
Who is responsible for Employees joining and leaving,
as well as examining what they bring or take with
them?
•
•
•
Do you encrypt the data? If so how?
•
Do you audit your policies & their implementation
regularly?
How do you communicate? WiFi? iDevice? Laptop?
Do you have an IT policy on passwords? User access
levels?
IP Sentinel can provide you with a solution
info@ip-sentinel.com
http://ip-sentinel.com
8. IP Sentinel – watching over your intellectual property
Your Strategy
Carry on as you are - Sorry that’s not going to work for too long
• The FCA have stated Data Protection is one of their key focus areas. There’s EU legislation on the way to make
sure you do something. It’s all over the news.
Buy Cyber Liability Insurance – Deals with the finance aspects only
•
•
It’s not cheap!
Doesn’t help your reputation or replace your clients.
Let my IT department manage this problem
•
•
Data Protection is a whole business issue
It is a specialist area
If you think you need to do more, IP Sentinel can help
info@ip-sentinel.com
http://ip-sentinel.com
9. IP Sentinel – watching over your intellectual property
Engage IP Sentinel
IP Sentinel is a specialist in Cyber and Information Security in the Adviser and DFM marketplace.
We provide a 4 step program to help you protect your important data and work towards satisfying the Regulators.
Step 1: Recognition
Step 2: Prevention
Step 3: Monitoring & Mitigation
Step 4: Response & Recovery
Regardless of your size or business model you have a duty to protect your client data. If you have any questions about your
responsibilities,
call us today on 01825 701870
Or email info@ip-sentinel.com
Or visit our website http://ip-sentinel.com
info@ip-sentinel.com
http://ip-sentinel.com