These days savvy investors don't have to rove too far to be able to put their money into the market — in fact, they don't even have to get up from the couch. While this allots for more freedom, there are still risks — some that go beyond a bad trading day. Now, more than ever before, consumers run the risk of being hacked into and having their information pinched by a peeper (think: hackers and malware).
Here are some pointers for the DIY investor, as well as anyone logging onto a site or opening up an app with sensitive information.
1) Think of yourself as a business
The information you are collecting and the transactions you are undertaking are business-type in nature. Whether you're in a coffee shop (highly not recommended if you're on shared wi-fi by the way) or logging on from a home office, "It's a financial transaction and you're storing records," says Michael Kaiser, executive director of the National Cyber Security Alliance. "There is an attitudinal piece where you need to take the attitude that you actually have something to protect. Have security at the top of your mind in all transactions."
2) Keep a clean machine
Make sure you are running up-to-date software on every single device that you use to trade on, including phones and tablets. If you're using an app that is provided by a third party, be sure to upgrade it. Given that some upgrades are buggy at first, waiting a day or two until the bugs are fixed isn't a problem, but be sure to upgrade soon and as needed. It is also a good idea to occasionally check your systems for any potential viruses, malware or phishing software.
3) Remember, your data is your golden ticket
According to Steven Grossman, vice president of program management at Bay Dynamics, DIY investors tend to focus more on maximizing their returns and less about loss of personal data or patching their operating system to prevent malware from compromising their laptop. "If something were to happen and somebody stole your identity or compromised your trading account, the relative financial impact would be much greater because of an individual's limited resources to remediate and recover," he says.
4) Passwords have grown up and come a long way
Gone are the days when the first name of your first pet or the current season sufficed in the land of passwords. Kaiser says to ask the websites and services you use if they offer multi-factor or two-step verification. This practice involves the traditional login and password followed by an extra step, such as a text to your mobile phone, to ensure that you authorize the log in.
5) Speaking of passwords
Kaiser has some tips and tricks for coming up with a stronger password. Bearing in mind that it's important to make them different for each account, Kaiser suggests getting creative while simultaneously keeping snoopers out. While it can be as simple as switching letters with symbols (S with $ or A with @), Kaiser suggests thinking of a core password that is "complex but memorable" and then adding suffixes or prefixes to the core word for other accounts. "Another thing I suggest is to use the first letter of the first line of your favorite song and a number after it. [Also,] past phrases are fine if you have upper and lowercase letters and symbols," he says. Finally, if you aren't sure about how secure your password is, there are password checkers out there that allow you to test how they measure up.
Bonus: When in doubt, reach out
Grossman says it's imperative to pay attention to your machines and data and to what the tools you install are telling you. If something is amiss, "DIY investors are typically independent types that are reluctant to ask for help," he says. "In the complicated world of technology and security, it is really important to know your limitations and reach out to experts — it will be a lot cheaper than the alternative."