Information Security will be an integral driver in the FinTech space in 2016 and well beyond, suggests Julian Plummer – Managing Director of financial planning software provider, Midwinter.
Quoting Andy Grove from Intel, Mr Plummer stated ‘Complacency breeds failure. Only the paranoid survive.’ in relation to the confidential client data of financial advisers.
He advises that client information (including AFSL, practice, adviser and client information) security is vital especially in regards to securing the high volumes of sensitive online information that is stored in financial planning software and that this matter will be of particular importance and interest to the financial planning industry.
“In the past few years there have been several high profile cases of IT security failures within the industry and they are due to both policy breaches and technical failures. Ensuring the safety of all sensitive client data for our advisory clients has become a top priority for Midwinter, and we have taken extreme actions to ensure that information is managed and stored securely, so as to continue Midwinter’s clean slate of zero security breaches.”
These comments come off the back of the announcement that Midwinter has become the first Australian cloud-based financial planning software provider to be awarded ISO 27001 certification for information security management.
The ISO 27001 certification confirms that Midwinter’s sensitive customer and partner information is secured and managed at the utmost highest level. The ISO 27001 certification also means that Midwinter has been independently verified and awarded the only internationally recognised and most prestigious information security standard available. Additionally, by implementing the latest version, Midwinter’s Information Security Management System (ISMS) is compliant with the latest best practices, controls and industry standards.
Midwinter has employed the aid of Zirilio to ensure that a high level of ISO 27001 compliance was achieved and maintained.
Zirilio is an Australian based IT security consultant that advises Australian government agencies, publicly listed companies and private organisations to assess, monitor and manage their IT security posture. Midwinter’s engagement with Zirilio allowed Midwinter to ensure that a high level of ISO 27001 compliance was achieved and maintained.
Speaking of Information Security, Executive Managing Director, Zirilio – Tim Dole stated “Over the past year we have seen a noticeable increase in the sophistication and stealthy nature of attacks within the Asia Pacific Region.”
Tim went on to say that “A significant proportion of the malicious activity originates as untargeted activity, gaining access to organisations (e.g. via Malware) with the sole purpose of finding data/information of value. Often once this information is garnered it is then silently replicated to malicious servers on the internet, the information is sorted and classified, with the information either sold or utilised for a targeted attack. Typically, we see organisations where data of value was stolen to be subjected to targeted attacks within 7-days of initial infection.”
Plummer predicts we shall begin to see more of a focus on Information Security as both advisers and their end consumers become more aware of how much of their data is stored online – “Those advisers who are able to ensure their clients that their information is well secured and managed against malicious attacks will find themselves with a comparative advantage over their competitors in the long term. “