Answer:
Answer by Clayton Hoskinson:
This may sound like a simplistic response but, the client needs to be educated on encryption and the security of their information passing over the Internet in clear text.
If the clients won't use the secure email that you have provided maybe they would consider using an encryption software package like PGP (Pretty Good Privacy).
Answer:
Answer by Trent Fleming:
The problem here is an account management issue. Many brokerages provide e-mail accounts for their employees, and allow them to communicate with customers (non-encrypted) via this e-mail. However, they will not accept orders for purchases, redemptions, transfers, etc. via these e-mail accounts.
Your account officer has to be firm with the business that you will not act on information sent through non-encrypted e-mail delivery. It should be easy to explain to the customer the risk they are taking by not using encrypted e-mails. Be firm, and you will greatly reduce the possibility that you'll be held accountable for a security breach that was entirely caused by a customer.
Answer:
Answer by Andy Zavoina:
I would add to the above that if the customer sends you an encrypted message, you have to be able to decrypt it.
In your educational process, be sure to point this out as they may get their free copy of PGP and send you an urgent message which you may not be able to read for lack of licensed, compatible software.
First published on BankersOnline.com 2/17/03
print
share