Investment firms’ storage of customer data may not be safe from hacking, SEC says

24 May 2019 7:18am
Some broker-dealers and investment advisers’ storage of customer records and other information may not be safe from hacking, according to a risk alert issued for firms today by the US Securities and Exchange Commission’s compliance office.

The SEC’s Office of Compliance Inspections and Examinations said it discovered security risks during recent examinations in the way some firms store information in the cloud and on other network storage solutions.

“In some cases, firms did not adequately configure the security settings on their network storage solution to protect against unauthorized access,” the SEC alert said. “In addition, some firms did not have policies and procedures addressing the security configuration of their network storage solution.”