Low-Tech RIA Data Risks

Admin Risk Management Leave a Comment


Often the basics of data protection are overlooked. In the time of advancing technology, Bring Your Own Device (BYOD) and Firewalls are the topics of interest for Registered Investment Advisors (RIA) when protecting data. Unfortunately many of the traditional methods of protecting client information is overlooked. The below article does a good job of highlighting the internal data threat.


Deland, Gibson can partner with RIAs to diagnose and address internal and external data risks. Via the DGDifference we have proprietary risk management tools that are made for RIAs to protect sensitive data. What was not mentioned in this article is that for RIAs that have a location in the Commonwealth of Massachusetts they must also have a Written Information Security Plan WISP on file. This law CMR 17 addresses many of the issues that are discussed in the article but still should not be over looked. It is very easy to have a WISP and still not practice what you preach in the document. RIAs often to not have the built-in infrastructure to manage sensitive data, so it is extremely important to perform annual due diligence on this exposure, DG can help address the risks and proactively lower the exposure.

Contact Chip Gibson at DG for more information and a complimentary risk assessment.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.