IFP

Digital Security in an Unsecure World

by Jordan Slack

By now, we’ve all heard the tales. Maybe your neighbor’s identity was stolen, a credit card was compromised, or an account was hacked, spilling personal information into the unseen corners of the dark web. Did you know you can check if your information has been compromised in a breach via the Have You Been Pwned website? If you’re like many Americans, your information will likely show up as compromised in one way or another.

In the financial advising world, we’re no longer talking about a simple compromised shoe store account password or a hijacked email account; we’re talking about the livelihood of investors and possibly the future of your career in finance. Now that I’ve got your attention, I wanted to talk about a few ways that IFP is working to strengthen our cybersecurity and nurture an ecosystem that promotes a secure digital workplace.

Authentication

Cyber attackers relentlessly attempt to access client accounts. It makes sense; there’s a large amount of money in these accounts and some people hardly check their retirement nest eggs, let alone on a daily basis. To combat this, we’ve integrated multi-factor authentication (MFA) into as many systems as possible at IFP. MFA is one of the most effective ways to secure access to prevent brute force attack. Advisor[X], our upcoming proprietary technology platform, will feature one of the most sophisticated methods of MFA, placing the most sensitive login credentials behind the protection of our single sign-on (SSO) interface.

As an added layer of protection, all credentials captured for authentication via Advisor[X] are heavily encrypted. Our system will also verify whether passwords in real time to determine if they were stolen in previous breaches and, if so, recommending a password change to the user. Lastly, in the case that an attempt is made to penetrate our authentication layer, our team is immediately alerted and made aware, allowing us to respond immediately.

Infrastructure

Alright, now that we’ve covered authentication and how it’s integrated into our technology stack, it’s time to talk about the foundation of Advisor[X] — our data infrastructure. It’s one thing to build a secure platform, but without solid ground work, it means nothing. After an absurd amount of research, we chose Amazon Web Services as our primary data storage center. Additionally, we’ve partnered with a global consulting firm that specializes in data infrastructure and security for financial services to metaphorically nail everything to the floorboards.

We chose this path to provide sustainability to support our initiatives, including the expansion of our platform and IFP’s advisor network. It’s also about taking data, making it actionable, and improving the experience for our advisors using the platform.

Partners

In addition to our data governance policies, IFP is has chosen to be intentional about the partners that we work with. It is important that our partners share our passion for security and protecting our advisors and their clients. Our due diligence process is built around ensuring that any company that we work with has the appropriate controls in place to manage, track, and protect any data point that is provided by IFP or generated by the third-party company.

While cybersecurity is a hot topic across all industries, we believe that the financial services sector is extremely susceptible to these attacks. IFP believes in protecting clients from danger and our advisors from losing their credibility (or possibly their credentials and livelihood). That’s exactly why we’re building Advisor[X]. It’s more than just an application launchpad; it’s a chance to build a platform our advisors can trust without excess doubt or worry.

Third party service providers mentioned are separate entities from IFP and LPL Financial.

Posted by: Jordan Slack | December 3rd, 2018 at 9:00am.