Data Encryption

With our industry’s increasing interconnectedness and dependence on technology, the opportunities, as well as the risks, are multiplied. Sensitive information is stored and sent electronically through our offices every day, and can be a valuable target for cyber attacks. Encryption is part of the suite of INFOSEC best practices which can help keep our clients’ data secure. Encryption is a regular item on audits from FINRA and the SEC, and is a requirement outlined in the DFPG SHIELD Policy Guide for all offices.

Encryption encodes data so that it is unreadable without the encryption key. Most encryption software functions such that after initially encrypting a drive, the user doesn’t generally need to think about it in their day-to-day functions. But should that drive be swapped into a new device, recovered following a failure, or accessed in certain unauthorized ways, the encryption key will be required to access the data once again? While encryption does not make your computer immune to attacks, but it does provide an extra defense which could make the difference in a data breach.

If you’re wondering how to encrypt your data, be aware that there are two primary risks: data in transit, and data at rest. Protected information is encrypted in transit using ShareFile, provided to you by DFPG. To protect data at rest (on your computer, server, shared drive, etc.), you will need an option that works best for your hardware. Here are two common options for your desktops and laptops:

BitLocker – built into Windows versions 8.1 or later (activation instructions here)
FileVault 2 – available on all Mac devices with OS X Lion or later (activation instructions here)

While these are native to the operating systems of their respective devices, they must be activated in order to be effective. If you have other storage devices in your office, such as a server or Network Accessed Storage device, you will need to research additional options for those.

DFPG strongly encourages you to review this portion of the SHIELD Policy Guide, and double-check your devices. If you do not have encryption set up on your devices, or if you have questions about any part of the process, please reach out to Will Snider or James Cannon as soon as possible.

If you are interested in learning more about encryption and other INFOSEC topics, we recommend this inexpensive online course (great for documenting your ongoing efforts to train and stay aware!).