IFA sector’s cyber security efforts to give IT a clean bill of health in 2019

Good cyber security is built on People, Process, and Technology

All industries are faced with cyber security threats, but especially businesses in the financial services and IFA sector who deal with extremely confidential customer data and financial information.

According to research:

  • 44 percent of advisers have already had direct experience of a cyber attack;
  • with 72 percent of breaches in the UK as a result of fraudulent emails.

And while we’re on with quoting a few statistics, it is interesting to note that 61 percent of data breaches were in businesses with less than 1,000 employees – which makes up a large part of the IFA sector. Of this, the human factor plays a big role when it comes to data breaches.

And, most importantly, surveys have shown that 81 percent of customers would want to move if their data had been breached. So it’s never been more imperative and important to ramp up your cyber security efforts.

The Changing Face – embrace the ‘new normal’

A full IT operating model, and an entire IT stack where digital comes first will become the ‘new normal.’ Manual legacy systems are fast becoming redundant, and as you grow your business technology so you should elevate its cyber security – you simply can’t pay enough attention to this.

An industry expert says that, “Many financial institutions still rely on the same information security model that they have used for years: one that is controls- and compliance-based, perimeter-oriented, and aimed at securing data and the back office. But information security risks have evolved dramatically over the past few decades, and the approach that financial institutions use to manage them has not kept pace.”

Often, when companies implement ad hoc security measures it creates a false sense of cyber security. This could be one of the primary threats facing your IT. It is about understanding your security position, being able to identify new attacks, and – of course – to have an overarching, holistic approach to making sure all your cyber security across your entire technology footprint is in place. This is where Managed IT plays a critical, central role.

During 2019, there are a number of cyber security issues that we’ll be faced with – not the entire list here! 

GDPR and data management

With the introduction of the GDPR in May 2018, there is an exponential increase in data privacy awareness, and the handing out of substantial fines. This will only continue as large tech giants face largescale backlash to their data gathering and data usage methods, coupled with hefty fines and new rules across countries and continents. No doubt there will be a host of businesses – big and small – that will suffer whopping fines too.

For IFA businesses, this is especially important – to ensure the tightest security for your customer’s data that you are entrusted with.

Password vulnerability and sophisticated methods of attacks

Make sure you have a strong password system in place so that these cannot be unlocked. Mobile device management should also be taken into consideration as an entry point to your company’s IT system.


This threat continues well into 2019 but companies that have the proper back up, disaster recovery and security tools in place will be able to fight back. It is all about forward preparation.


Malware is most often introduced to a system through email attachments, software downloads or operating system vulnerabilities. The best way to prevent malware is to avoid clicking on links or downloading attachments from unknown senders; to have a robust and current firewall; and to ensure your computer’s operating system uses the most up to date security measures.


Phishing emails include a link that directs the user to a dummy site that will steal a user’s information. In some cases, all a user has to do is click on the link.

Denial of Service Attacks

These types of attacks are where attackers send high volumes of data or traffic through the network until it becomes overloaded and hijacked. Top online cyber security measures are key to preventing this from happening to your IT, as well as examining physical hardware connections.

Risk of Shadow IT systems and poor management of a company’s housekeeping

Shadow IT is information technology work that is managed outside of, and without the knowledge of, the IT department. The more legacy applications and access points within the business make things such as Shadow IT more difficult to control and even identify.

Employees’ cyber security awareness, skills, company code of conduct, and training

People still represent the biggest security risk for most companies. This comes about from all the ways we interact with networks on devices, both inside and outside a company’s network – from mobile devices, working from a coffee shop’s Wi-Fi, and any place where interconnected identity sharing occurs. The Internet of Things providing new connection points online will only increase and also become the ‘new normal.’

Cloud Computing and Cyber Security

Cloud security is the future of cyber security: “Cloud services can not only secure data within the cloud, but can leverage the transformative cloud industry to secure the endpoint users that use the service.”

“Cyberattacks like the WannaCry/NotPetya pandemic and the extraordinary growth of ransomware are often launched by sophisticated attackers – sometimes state sponsored – that bowl over traditional and legacy security.  The modern attackers are cyber spies that use traditional espionage tactics, together with innovative and disruptive malware to bypass passive, defence-based security measures.  To defeat such attacks, security must transform itself into an active profile that hunts today’s attacks as aggressively as it predicts the threats of tomorrow,” says an industry insider.

“To predict and defeat attacks in real time, cybersecurity must move to the cloud. The cloud can leverage big data and instant analytics over a large swath of end users to instantly address known threats and predict threats that seek to overwhelm security.”

“It’s time to fully embrace the future of security.  That future is within the cloud.”

Predictive security in the cloud has innovated security, using the power of the cloud to make predictions about, and protect against future and as-yet unknown attacks. Predictive security in the cloud can identify attacks that other endpoint security products miss, and this shifts the balance toward providing advantageous security.

Have you moved your business IT to cloud computing yet?

As an IFA business, what if your back office system is Adviser Office and you want to move to the security of the cloud?

We have a hosted remote desktop core solution for you, residing in the entrusted power of our cloud.

Having provided hosted solutions for our clients for some time, it is clear that there is a wider demand for a completely hosted remote desktop environment which contains not only Adviser Office, but also all of the other elements which integrate with AO including –

  • Microsoft Office applications
  • a realistic amount of data storage
  • a robust back up strategy including the requisite number of data restore points
  • remote desktop scanning
  • if required, a document management system
  • and, finally, connections to third party software vendors such as moneyinfo, who provide a first class product which, when added to Adviser Office and our hosted remote desktop environment, gives a hugely desirable matrix of products and services that takes away the mammoth headache of needing to change back office systems.


“Adviser Office remains a major force in terms of back office systems in the UK IFA sector,” says David Littleboy, ITSOL Managed Services Director and IT industry expert. “ITSOL has over twenty years in this market caring for our IFA clients, and although we look after clients who use all of the mainstream back office systems, we are acutely aware of the disruption caused when clients change back office systems in terms of staff retraining, costs involved, customer familiarisation and general business interruptions.”

It doesn’t have to be that way. In fact, from our experience working with a wide variety of clients in the IFA and wealth management sector, we think many businesses are spending more than they need to on a range of ad hoc IT measures, without thorough consultative planning. Systems are diverse, and they are getting more complex by the week.

Systems architecture can be the key to balancing control, security, and accessibility. It’s about making sure you have an effective IT system that supports your business operational requirements as well as the ability to act in real-time, at any location, with instant access, and becoming more intelligent about your customer’s needs.

Prepare your IT architecture to connect to anything, anywhere, always with the best cyber security measures in place.

“The way you assemble the technical building blocks can protect your business against cyber-threats without adding needless barriers to discourage interaction.”

We’re available to chat through your IT requirements, IFA remote hosting, cloud computing, and cyber security needs – [email protected]