Broadly speaking, the threat of a data breach is not new. Since businesses and their clients have been sharing personal information with each other through the normal course of working together, we have been exposed to risk. In many ways, while it exposes new threats, technology has reduced risk in this area.
At Invest Blue, we partner with leaders in technology and data protection to ensure our processes, systems and tools remain as secure as is possible, and that we maintain a current vigilance in our approach to managing this risk.
Our approach to staying on top of this risk is outlined below.
- Invest Blue offices are connected by private high-speed internet links to ensure that information exchange is kept within our control.
- Any information transmitted outside our network (over the internet) is end-to-end encrypted by a collection of firewalls, which are also designed to keep any attackers out of our network and alert us if any attempts are made.
- Invest Blue uses Microsoft 365 services for its office suite, internal collaboration, voice calls, email, internal websites, and learning centres, and all these services are protected by multi-factor authentication (MFA). This means that even if an attacker were to find out a staff member’s password, it is essentially useless without being granted access by this extra layer of security.
- In addition to MFA, all Microsoft 365 services are also encrypted, including any voice/phone traffic, meaning that even if the data were harvested, it would be as useful as if it were written in hieroglyphics.
- All Invest Blue hardware, when no longer fit for purpose, is disposed of securely and certified by ISO 27001 and NAID AAA with PSPF Endorsement – which ensures an appropriate chain of custody.
- Our IT provider has extensive monitoring and alerting for both hardware and software-related incidents, and a team that promptly responds to incidents if they arise.
- Our IT provider performs several backups per day of our data stores, ensuring that any downtime whether from a natural disaster or otherwise is minimized.
- We regularly monitor our risk exposure and practices to mitigate risk, keeping us in line with industry best practices.
- And most importantly, Invest Blue staff undergo training in IT Security, and our IT provider regularly performs system checks and issue training campaigns that simulate phishing attacks, spear phishing attacks and social engineering – we are proud to say that we perform very well in these tests!
While no company is 100% guaranteed safe from these risks, we invest in the security and protection of data heavily, keep best-practice awareness alive as part of our daily operations and work with great partners who are at the forefront of defence. We appreciate the responsibility we have when looking after our client’s personal information and we take that on with immense respect.
Speak with one of our trusted and accredited financial advisers today
What you need to know
This information is provided by Invest Blue Pty Ltd (ABN 91 100 874 744). The information contained in this article is of general nature only and does not take into account the objectives, financial situation or needs of any particular person. Therefore, before making any decision, you should consider the appropriateness of the advice with regards to those matters and seek personal financial, tax and/or legal advice prior to acting on this information. Read our Financial Services Guide for information about our services, including the fees and other benefits that AMP companies and their representatives may receive in relations to products and services provided to you.