KSI/KAI Cyber Security Policy / Procedures For Registered Reps


Password Protection

1) All electronic devices used in any way for KSI/KAI business must be password protected.
2) Passwords, where applicable, should be at least eight characters long and contain both alpha and numeric characters.
3) All mobile devices (Apple iOS or Android) used in any way for KSI/KAI business must have a password of at least four characters, and it is recommended that the device be wiped after ten unsuccessful login attempts. This will encrypt them as well.
4) All passwords should be changed at least every 90 days.

Data Breach

1) Any known or suspected data breaches must be reported to the KSI/KAI IT Department immediately at informationsecurity@kovacksecurities.com.
2) A detailed and comprehensive accounting of the event must be submitted to the KSI/KAI IT Department.

Computer Equipment

1) All computer systems used in any way for KSI/KAI business must be located in a secure location.
2) All laptops used in any way for KSI/KAI business must be whole-disk encrypted with an approved encryption package.
3) All computer systems left unattended must be locked with a password.
4) All computer backups must be kept in a secure and locked location.
5) All computer systems must have anti-virus software installed.
6) All anti-virus software must have a current subscription, and virus definitions must be current.

Data

1) Any data stored solely in electronic format must be maintained in accordance with SEC Rule 17a-4.
2) SEC Rule 17a-4 states data must be stored in a non-rewriteable, non-erasable format.

Private Information

1) Any private information transmitted electronically must be sent via secure email.

Detecting and Recovering from an Email Virus Incident
Registered Representative Procedures

A large number of viruses are transmitted via email, commonly enclosed in a file with a .zip or .exe extension. Files with these extensions must not be opened prior to confirming their origin. Additionally, your IT professional should review the email and advise you as to what steps should be taken. If/when a suspicious email is received, the following steps must be adhered to:

Five Response Stages

- Detection
- Reporting
- Containment
- Eradication
- Recovery

Detection

Typical indications of an attempted virus, or virus infection, include:

- Suspicious email (do NOT open a suspicious email); confirm with sender
- Multiple non-deliverable emails in your Inbox
- Sent emails that you didn't send
- Slow disk access
- Slow system boots
- Anti-virus software alert

Reporting

Immediately report any suspect emails or virus alerts to your IT professional. Registered Representatives must have access to their own qualified IT support professional or company. Your IT professional must contact the KSI IT Department when a virus is detected. Registered Representatives are responsible for ensuring that their IT professional is aware of this KSI requirement. Initial reporting can be made to informationsecurity@kovacksecurities.com.

Containment

Your efforts to contain the virus can significantly reduce the virus damage. If you believe, or it is determined, that you have a virus, Registered Representatives must use the following steps to quickly contain the virus:

- Close Outlook and do not open it until instructed by your IT personnel.
- Close all open documents and Internet browsers.
- Shut down your computer and do not turn it on until instructed by your IT professional.

Eradication

Your IT professional can initiate several steps, depending on the type of virus:

- Update of virus definitions and full system scan;
- Offline virus scan;
- Reinstalling the system, such as from a system installation disk or a clean system image.

Recovery

Recovery of functionality and data of infected systems may have been carried out as part of the eradication process. Files can be restored, as of the last backup, from your file backup. Removing temporary containment measures, such as suspended network connections, is another aspect of the recovery process. After the recovery process has been completed, a written report must be submitted by your IT professional to the KSI IT Department. This report must contain the following:

1) A detailed list of all viruses found
2) What methods were used to clean the infected computers
3) The time and date all the systems were proven clean

Points of Contact

Jeff Welch, Director of IT
Phone: 954 670 8140
Email: jeffw@kovacksecurities.com

John Verderosa, IT Services
Phone: 954 670 8705
Email: jverderosa@kovacksecurities.com

Regina Schumaker, Senior Software Specialist
Phone: 954 670 0621
Email: regina@kovacksecurities.com

Tips for Keeping Your Clients Safe

Passwords. It is extremely important to utilize strong passwords for email clients and for any online access to client private information. At a minimum, a password should contain at least eight characters consisting of upper case, lower case, numeric and a symbol. Make sure to never use date of birth, name, initials, or phone number within your passwords.

Use multiple sign-offs. To ensure no one has cut any corners, require that multiple people approve a disbursement. The more eyes that look over a transaction, the better. Wire fraud is on the increase.

Be very cautious about email. Always think twice before sending sensitive information via email. Either don't send private information over email, or make sure the email is sent securely with encryption. Always remember to never open email attachments with an .exe or .zip extension from an unknown source. If you receive an email with one of these extensions from a trusted source, please make sure to confirm the legitimacy of the email with the source before opening.

Teach clients electronic hygiene. One of the biggest challenges is getting customers engaged, to make them understand that there are threats out there and that there are things they can do to protect themselves. Send only encrypted emails that contain private information and ask clients to either follow suit or mail documents back to you. The client may find this inconvenient, but remind them this is to protect their identity. Also remind clients that, if they don't recognize an email, they shouldn't open it or click on an enclosed link.

Secure your own electronic office. Permanently delete all old emails. Keep documents offline, or behind a firewall. Though scams tend to originate in hacked client email, rather than through online financial dashboards or electronic records, it's still imperative to be careful what websites you visit. Most malware is downloaded via a website rather than email. Some malware can result in the loss of private information residing on a computer.

Expect criminals to evolve. The fraud preventatives that work now probably won't work forever. Cyber criminals will always be upgrading their tactics; it's vital for anybody in the financial services industry to continuously review their internal measures to prevent cyber fraud.

Install quality antivirus software. Not all antivirus software is created equal. There are several free antivirus software packages out there with a good reputation. As you might have heard, nothing in life is free. Some of the free packages do a decent job at scanning for viruses; however, you want to do everything in your power not to get them in the first place. The pay antivirus packages do a better job of spotting the virus before it infects your computer. Some also offer a web reputation enhancement that will warn you of damaging websites. Consult with your IT professional to determine which package is best for you.

What to do after. No antivirus software is 100% effective. If you do download a virus, have your IT professional fully scan and clean your computer. After your computer is proven clean, make sure to change all of your passwords.