Why Financial Advisors Should Encrypt Their Emails When Handling Private Client Data

Why Financial Advisors Should Secure Communication between Their Clients

As technology advances, it has become more and more critical for financial advisors to keep client information safe and secure. It does not matter whether the information breach occurs because of a human error or a cyber-attack.

A single instance of data breach can destroy client trust. These people will no longer believe that you can be trusted with their personal and confidential information, including their ID card numbers or any other piece of private information provided to their financial advisor.

Encrypting emails when sending confidential information is one of the most effective ways to secure sensitive information — however, not all financial advisors are taking this initiative.

Let’s take a look at the benefits Bracket email encryption can provide to encrypt communication between your clients.

Multi-Layered Advanced Encryption

Advanced Encryption Standard or AES is a cutting-edge specification for data encryption that is accepted by the US and Canadian governments to secure data at rest and in transit. This allows data encryption to occur at multiple levels, which start when the message is transmitted from the sender till the message is delivered to the receiver. Every piece of data has been encrypted multiple times in several layers, and to access a single piece of data, it will be necessary to unlock several encryption layers.

Individual Password for Messages

To add an extra level of security to your email, Bracket can assign an individual password to each message sent to the client. When sending an encrypted email to non-private free email addresses (Gmail, Yahoo Mail, etc.) financial advisors should always use a message password.

Message Self-Destruct

Bracket only retains your sensitive messages for up to one year. If you want to save the email for over a year, it is important that you download it to the computer. However, if you want to expire or self-destruct the message more quickly, you can easily set the message expiration date for each email. These emails will be destroyed when the expiration date is reached, and they will not be accessible to anyone else.

Distributed Encryption Key

This method uses multiple sources to create a single encryption key. The encryption keys used for a multi-layer AED256 encryption chain are not stored in a single physical location and database. They are separately located and have their own access controls so that access is limited. In the case of personal data keys, Bracket users hold only the final encryption keys, so even Bracket cannot access all the data.

Two-Factor Authentication

You can set up two-factor authentication through the Bracket console. The software will ask for your mobile phone number for verification purposes. Once the authentication is enabled, every time you attempt to sign in to your Bracket Console, you will also need to enter a randomly generated six-digit pin code, which will be delivered to your mobile phone via SMS.

One-Time Sign-In Link

Every time you need to sign in to the Bracket email encryption console, you will need to get an expiring one-time sign-in link, which typically expires within 15 minutes of being delivered to the email inbox. This sign-in link also works just once, so no one can use an old link to gain access to private information.

Secure Data Key

With Bracket email encryption, you can also generate a secure personal data key by going to the settings in the console. During setup, your personal data key will be shown to you, and you will need to record and store this key in a safe place. When enabled, the key will be added to the AES256 key that will encrypt every message handled by Bracket.

Device Fingerprinting

The sign-in links will only work from the device that requested access. If you attempt to sign in from a different device, the link will become invalidated, and the session will be blocked. That’s because Bracket takes the “fingerprint” of your device and embeds it in the sign-in link that you receive via email. If the sign-in link was originally requested from a laptop and you try to sign in from your cellphone, the system will block you from gaining access. You will then be asked to request an expiring sign-in link from your mobile phone. In addition, the sign-in message will also include the requesting device’s IP and Google map image of the location.

It's a Lot Simpler Than You Think

Although email encryption sounds complicated, Bracket allows you a user-friendly way to enable it. Email encryption not just keeps the user’s email secure, it also keeps email safe for the user’s recipients. As a financial advisor, if you want to keep communication with your clients secure, we recommend using our Email Encryption service. Reach out to us today at Bracket Email Encryption.