Cyber Security: Partnering to Protect Our Clients

Notorious hacker Kevin Mitnick said, “The weakest link in the security chain is the human element.”

There are only two types of companies: those that have been hacked and those that will be.” – Robert Mueller, FBI Director

This is why, at Heritage, we take the security of our clients’ confidential information very seriously, as well as security in general at a firm level. We have caught and stopped more than a dozen fraud attempts for our clients over the past several years.

Our compliance program includes detailed policies and procedures, robust data security, business continuity and cyber security programs, compliance training for staff and clients, extensive third-party vendor due diligence, annual risk assessments and annual compliance audits and reviews. We are also governed by the Securities and Exchange Commission (SEC) for our regulatory oversight.

We partner with Charles Schwab & Co., Inc. (Schwab), as the custodian for our clients’ accounts. Schwab has dedicated an extensive amount of human resources to the effort of preventing, detecting, and investigating fraud. Their Financial Crimes organization has grown to over 240 fraud experts that work in different capacities, including fraud prevention and investigations, electronic crimes analysis, financial intelligence, monitoring and more. A notable portion of their Financial Crimes leadership members have come to Schwab from the Federal Bureau of Investigation (FBI) and bring expansive knowledge and expertise to help position Schwab to hedge against the threat of fraud. Among the Financial Crimes organization is a newly formed team that is dedicated to handling only Advisor Services fraud matters.

Here are some key components of the Heritage and Schwab programs for protecting your confidential information:


• All of our technology systems are hosted in a secure and encrypted cloud-based environment, protecting both data at rest and data in motion
• Continuous system upgrades, backup and data retrieval testing
• All technology system vendors that assist us in capturing and storing client confidential information are screened initially with extensive due diligence and annually thereafter, requiring that they comply with industry requirements for secure encrypted data storage and annual Service Organization Controls (SOC) audits
• All direct client communication of confidential and personally identifiable information is conducted either through our App River Cipher Post secure email system or through our Tamarac secure client portal
• Heritage carries specific cyber security insurance
• In 2017, Heritage conducted an independent cyber security audit and vulnerability testing
• Continuous staff compliance and cyber security training with quarterly phishing testing
Verbal confirmation with all clients confirming the validity of instructions for money movement to third -parties


• Your custodian, Schwab, also protects your accounts and personal information through SIPC protection, Schwab Guarantee information and front-end and back-end monitoring which you can access through your Schwab Alliance login.

This is what we recommend to our clients for protecting against fraud.

Client Responsibilities

• Keep your equipment updated, out of date software can be susceptible to attacks
• Install anti-virus and anti-spyware software, use a firewall for home wireless networks
• Verify you are on a secure website, a secure site should begin with “https” instead of “http”
• Be cautious with public computers and wireless connections, don’t accept software updates when connected to public Wi-Fi
• Use different passwords for different online accounts and avoid easy to guess information
• Password protect mobile phones, laptops and tablets
• Use dual-factor authentication whenever available
• Be alert to phishing scams that sound urgent or request updates of your information
• Be extra careful clicking on links or attachments sent to you
• Regularly check account statements for any suspicious activity or changes to your profile

We believe protecting confidential information and your personal assets requires a partnership between you, Heritage and Schwab. We continue to be dedicated to providing the safest possible technology environment focusing on continuous education, monitoring and improvements.

Tags: , ,