Digital security of your share portfolio

Hi all,

What are your thoughts on the digital security of your share portfolio? I've been thinking more about this as I continue to accumulate.

I conduct all my trading through one of the services of the Big 4, and there is no doubt the brokerage cost of this platform is expensive. I wince every buy order! I appreciate the appeal of cheaper brokerage through other platforms, and agree there is significant advantage in reducing costs per trade.

One thing that gives me moment for pause is wondering how much weight should be given towards digital security? Given I hope to have a fairly significant sum in equities, I'm cautious of the potential for a cyber intrusion or some such event on an investment portfolio.

Not trying to be alarmist (although stats on the rising incidence and cost of cyber-crime are of concern); just trying to consider all possible risks - investment and other.

Does this factor into anybody's thinking? How do you protect what may amount to be a significant portion of your life savings?

 

Yes this is something that has concerned me for a while. I use Commsec as they run two factor authentication. I wouldn’t be comfortable using a platform without it. I’ve seem the huge uptick in SME targeted threats, and I expect that to filter down soon enough. The quality of some of the social engineering I’ve seen is a bit scary.

I am considering going to a stand alone “quarantined” machine for trading only, along with a decent email solution with two factor or better.

Good subject and I welcome discussion on this!

 

How do you access these apps and websites? Do you install frivolous and questionably made apps onto your device? Your operational security can be as tough as you want, but it only takes one slip up to leak your details in any number of ways.

Password security, two-factor authentication, a separate device for accessing your share portfolio etc

 

Exactly this @The Falcon . I have moved to a pc used exclusively for commsec trading and emails also trend micro. Our business background was software development for 40 years and we are very aware of what is possible. What is possible is very scary

 

I wonder what @Nodrog, @SatayKing, @Snowball, @truong, @Alex Straker thoughts are on this?

 

I use Bitdefender (paid subscription) safepay through their portal.

 

I hadn't considered it to be honest. Now I will have to give it some serious thought.

 

trading platform like comsec is fairly secure, all shares transaction settle to your settlement account link to your trading account, you can turn on notification when sell or buy order is place.
you also get email notification when a contract is executed and have 3 days to sort it out

You can change settlement account but that account has to exactly match your trading account name so pretty hard for someone to change settlement account.

I wouldn't worry about it, banks transfer is less secure as it instant and it can be sent to anyone
messing with shares it a lot more legs work and they will be caught out in the process.
haven't seen a fraud link to this sort of stuff but hundred on banks accounts.

Relax and enjoy

 

Not concerned. Remembering whether I put the home brew in the fridge is of much greater concern.

 

Their 2 step authentication is only for modifying personal details, I wish it was there for logging in as well.
However, one thing I like is the ability to add a trade password: this password is a requirement for any trade (buy or sell), so should prevent unauthorised access even if login credentials were compromised somehow.

When it comes to online security - and only talking from an iPhone user perspective here - I tend to believe the app version to be quite a safe way to access the platform as the apps that can be on iOS in the first place are already very restricted, unlike on a computer.
New models with faceID add another layer of protection.

 

Like a couple of the others it’s not something Ive really thought about too much.

 

Commsec user. Criminal needs to hack into bank account, internet banking and then transfer to a new account that requires SMS.

The obvious risk is having the phone stolen.

PS they could sell / buy for the fun of it too.

 

2 factor is a good start, but having a secondary password for executing trades is a big plus imo. 2 factor can still be bypassed. Secure your own PC/trading device to begin with, then look at what security options the provider brings to the table