Technology has come a long way in a short period of time. Innovations that we can’t live without today – like Uber, Spotify, Waze, and iPads – weren’t even around just 10 years ago. But as with most technological advances created with good intentions, there’s also some unfortunate sabotaging from people with bad intentions. This is especially true when it comes to managing cybersecurity within 401(k) plans.
Because plan participants’ personal and financial information is monitored and readily available to multiple parties, the retirement industry is at a greater risk for cyber-attacks. As a plan participant, sifting through the various materials that offer best practices can be dizzying. There are so many tips, tricks and ideas – you could likely take a whole course on it and still leave not fully prepared. Moreover, the rules and regulations seem to be ever-changing, and a lot of “grey area” still exists. Consider our quick list of easy-to-implement, but still very applicable, best practices for protecting your 401(k) plan.
Enforce Strong Passwords
This may seem like “cyber-security 101,” but it’s surprising how many employees are not creating strong enough passwords. Ensuring that your passwords are hard to guess, and changed regularly, is a very easy way to offer protection against cyber-attacks. Try using a mix of numbers, letters, and special characters, and be sure to use a different password for every login or Web site that requires credentials. If you’re concerned about forgetting your password, research password manager apps – which can generate and securely store all of your passwords in an encrypted database.
Register Your Account Online
Although it might seem counterproductive to put your information online – where cyber-attacks are taking place – it’s important to register your retirement account. Hackers will often attempt to gain access to an unregistered account, in order to enter their own contact information. By not registering your account, you’re leaving it open for someone else to take over.
Read the News
As wealth managers, we’re constantly telling our clients not to pay attention to the latest headlines and “hot stock tips.” But in this instance, it’s important that 401(k) plan participants stay ahead of the curve. Knowing that a major cyber-attack has occurred can be helpful, especially in large, well-known, or high-value industries. Understand that large incentives are typically offered to employees to sell company data. Setting up Google Alerts for your company name, or industry, and words like “data breach” or “insider threats” can help you stay current with fraudulent patterns and questionable activities. In this case, knowledge is power.
Use Trusted Networks
As a 401(k) plan participant, it’s important that you only login to check on retirement accounts within trusted Wi-Fi networks. Public internet access – like the ones you can use in most coffee shops and restaurants today – allow anyone within the area to access, and potentially sift through your data. Remember to use trusted networks, which are open only to authorized users and are password protected. This typically includes your business or home internet connection.
If you’re interested in learning more about how to protect your 401(k) plan with our 401(k) Financial Wellness Program, contact CJM Wealth Management at 631.777.1030 or simply click here to send us a message.