Every four years, Heron Financial Group completely tears down and rebuilds its technology platform.
One big focus: A review of how every vendor handles clients’ private data, says David Edwards, head of the New York-based advisory firm.
Not all contracts are renewed.
“We’ve told vendors, 'We can’t work with you anymore because we’re not confident our data is secure,'” Edwards says. “They don’t like it, but there it is. We’re fiduciaries. That means protecting your client against every threat.”
To ensure client data safety, Edwards says advisers must scrutinize contracts signed with vendors, conduct regular follow-ups, have a cybersecurity policy in place and even purchase cybersecurity insurance.
“Everything needed for identity theft is neatly packaged within your own computer systems,” Edwards says. “That’s why we go through that process of up-armoring everything we do.”
Advisers, Edwards says, have to commit to staying on trend with best practices in technology, and they also have to commit dollars.
“You cannot hide from this,” he says. “The upside to not spending on data and cybersecurity is that you’ll save money. But the downside is that, if there’s a breach, you’ll be gone in an instant.”