Lock the door on hackers
Editorial: Would you leave your front door open when you go out? Not if you can help it. Online, it happens a lot.
This week, Yahoo admitted to a large leak in 2014 affecting 500m users.
Meanwhile, the Financial Times recently reported that details of 5m employees of large companies have been accessed illicitly in the past few years, including email addresses and passwords. The information was stolen from networking and dating sites and belonged to people who had signed up with their work email addresses, often reusing their work passwords.
These stories highlight that cyber security will only grow as an area of importance and concern.
The chief of the Pensions Regulator, Lesley Titcomb, recently warned a group of delegates at a Society of Pension Professionals event that cyber security should be “a key risk” on pension funds’ risk registers, Pensions Expert reported.
Pension funds and their administrators are a treasure trove for anyone with less-than-benign intentions and the know-how for misappropriating and exploiting the data they hold.
Illustration by Ben Jennings
A new generation of members now want access to pension information on their mobiles and tablets, potentially using public networks. They may seek to make transfers online, or request lump sum payments through their pension fund’s website, all creating potential additional risks.
Text messages warning that changes have been made to their address details or a payment has been authorised, such as some banks use, could create a level of extra security. Undoubtedly there are many more defence strategies experts have thought of, from multiple layers of authorisation to putting in place the right encryption.
Pension funds could help by making members aware that the value of their pension fund can be much bigger than what they have in their bank, as some have pointed out – and they should therefore be especially cautious when they access their scheme online.
The DC Debate - part 1: Digital DC, and where mastertrusts are headed
In the second DC Debate of 2016, eight panellists discuss the pensions dashboard, cyber security and the future of mastertrusts.
By simply raising awareness about the importance of using secure passwords, changing them frequently and logging out at the end of a session, pension funds could further help reduce the risk to members and shut the door on the hackers.
Sandra Wolf is editor at Pensions Expert. You can follow her on Twitter @SandraCWK and the team @pensions_expert.
Most Viewed
- ‘A fundamental point of fairness’: MPs call for action on discretionary increases
- TPR to scrutinise ‘systemically important’ professional trustee firms
- What does Labour have in store for the pensions industry?
- Defining the role of the scheme actuary
- Five themes at the forefront of a sustainable future