Behind the Scenes: Client Security
Data and money security are important to everyone! And these days, there’s a new headline about the latest major security breach or hack of personal information far more often than we would like to see. While these breaches do happen, there are many things we can do to do our best to avoid them. We all have a personal responsibility to be smart with our secure information. This includes things like smart security hygiene – using strong passwords that don’t contain personal (read: easy-to-guess) information, resetting our passwords periodically (every three months is a good idea), not making online purchases on unsecure websites, and never sending secure information via unsecure paths (like in the text of an email or on social media), to name a few. It also includes awareness – paying attention to your bank accounts, investment accounts and credit card transactions and reviewing the monthly statements for these accounts for accuracy.
In addition to being smart with our personal information and being aware of our financial activities, we expect those we trust to do the same – bankers, credit card companies, retail stores, and especially financial planners. I’m happy to report that there are many steps we take to protect your information and your money:
Daily Review of Deposits and Withdrawals
First and foremost, we review every deposit and withdrawal to every account every day. That’s right – every single account, every single day. This is an important daily task for us as it allows us to confirm money movement happened as we expected. For example, if we sent a check to Schwab to be deposited, our review of this report will confirm when that deposit actually happens, which then prompts us to invest those funds. Additionally, if a Client requests that we raise cash for a transfer he/she is planning to initiate, we will see the distribution confirmed on this report.
For security purposes, if we see an unusual transaction on this report (for example, one we weren’t expecting or one much larger than usual) we will immediately email or call you, the Client, to confirm its validity. Similarly, if we received an odd or unusual request from a Client (perhaps a suspicious email), we will call to confirm the validity and the Client’s identity before processing any transactions.
Our daily review of this report allows us to remain fully in the loop on money movement into and out of our Client accounts and allows us to jump in immediately if we see something unusual. And, if a fraudulent transaction were to happen, we enact a long list of internal fraud policies to immediately alert the Yeske Buie team and pull in our team at Schwab to rectify the situation. Also, it is important to know that Schwab will cover 100% of any losses in a Schwab account due to unauthorized activity.
Policy to Never Send Secure Data through an Unsecure Method
It is our policy at Yeske Buie to never send sensitive information via unsecure pathways – like typed in the body of an email. It is for this exact reason that we use ShareFile – a software that creates a secure link for every document we need to send to a Client. The links are only valid for one week, limited to four downloads and use 256-bit encryption. This may sound familiar if you’ve completed any Schwab paperwork recently.
It is also our policy to encourage this behavior in Clients and other professionals who work with our Clients, which is why we always offer these secure methods for returning documents with sensitive information included (which can also be found here):
- Use the secure upload form
- Fax to +1 (866) 549-4990
- Send via email with your documents included as password-protected attachments
- Mail via US Postal Service. Street addresses can be found here.
- Drop off at either office (we can scan the documents and return originals to you)
Upon receipt of documents including secure information, like a completed Schwab form or copy of your most recent Employer 401(k) statement, we save the documents to our secure server in your Client Folder. And if you uploaded them via the Secure Upload Form, we delete them from that server as soon as they are saved.
Along these same lines, if we are requesting or providing information like a Schwab Account Number, Date of Birth or Social Security Number, we will always call you or request that you call us. It is much more secure to share this information (after confirming the Client’s identity) via phone than it is to share it via typing the information in an email. Once we have that secure information, it is never written down and left sitting on a desk, but always entered into our secure database.
In the event someone sends us secure information via an unsecure pathway (like a regular email attachment without password protection), we’ll save the information then delete the email from our inbox and again from our trash folder. We’ll subsequently follow up with the sender to recommend they do the same.
Information Included on your Client Private Page®
Your Client Private Page® is a shared online workspace where you can see your monthly Portfolio Reports as well as your Financial Planning Reports, Action Items and Billing Statements. And the keyword is that it is private! We never post anything to your Client Private Page® that includes secure information like an account number or Social Security Number. For example, your monthly portfolio reports only include the name(s) of the account holder(s) and type of account – no account number is included, not even the last four digits of the corresponding account. And, furthermore, you must have your specific Client Number and login credentials to access the page.
One additional thing we do in an effort to keep you, your data and your money as secure as possible, is research and recommend services like IdentityForce. IdentityForce is a service that offers identity protection by monitoring many aspects of your life like:
- Your email address – is someone using it to open new accounts?
- Your credit – is there an application for new credit using your information?
- Your bank accounts – is there unusual activity?
Hopefully the answer to all of the above is always ‘no’. But if you find that you have been the victim of identity theft, IdentityForce will send you an email and text notification and their Restoration Services team is available 24 hours a day to help you resolve any unauthorized use of your information. Click here to read more about IdentityForce and get access to the discount code provided to our Clients.
The moral of the story is: awareness is key. We must always be aware of our surroundings, especially when it comes to the security of our money and personal information. And monitoring things on a regular basis is a great way to stay on top of this. Which is why we here at Yeske Buie find it so important to be the first set of eyes on the security of your money. It’s also why we find it so important to be a constant resource to you – we’re consistently reading and researching the best ways to keep you and your information and money safe. And we act and update our policies appropriately.
We’re always welcoming of your thoughts and we are available to discuss any questions you may have on this topic at any time. To read more on similar topics, see the following articles: