Being an investor takes non-stop concentration and multitasking. In a never-ending race for value, constant bulls vs bears struggle, endless trend analysis, it’s easy to get carried away. You start thinking more about the birds in the bushes rather than the ones that are already in your bag, if you know what I mean. A profits opportunity overshadows whatever savings you’ve made so far, the possibility becomes more of a concern than the reality.
If you recognize yourself in the picture above, you’ve got some priorities to check. Without securing your resources and protecting your privacy, you as an investor become extremely vulnerable. There are entities around that are more than happy to cash in on your negligence. Hackers, identity thieves, data dealers, and a plethora of other malefactors will be more than happy to bypass your defenses and leech some of your gains.
Seth Klarman’s Collective Wisdom: Risk Analysis Is The Key To Investment Success
Please note this article is based on publicly available information, however ValueWalk just received Baupost's 2018 letter moments ago and will have exclusive coverage shortly. Seth Klarman is widely regarded as one of the best value investors the world has ever seen. Over the past few decades, his hedge fund, the Boston-based Baupost, has achieved Read More
Today, I’d like to tell you about the dangers lurking around the trade you’ve chosen and the steps that you should take to fend them off. Luckily for you, most of the hard work has already been done by others - the research, the development, etc. You only need to know your tools and use them properly.
2 security-related issues that you should consider
There are two major points of concern to keep in mind when discussing online threats around the investment business. Let’s delve into them:
- Safety of your personal data and internet traffic
This includes your sensitive data, bank credentials, security keys, transaction details, etc. Getting their hands on such information, third parties can take possession of your trading and banking accounts, or track and intercept your transactions. They are free to either baldly gut your balance, or discretely involve it into their schemes without you even noticing.
- Safety of your identity (anonymity)
This one is more about your own protection. If you won a lottery, you wouldn’t announce this fact, along with your address and sleep hours, on radio, would you? Well, logging to an unsecure network provides criminals with just as much information about yourself and your habits, if not more. Stories like the one that happened to Mikhail Svetov, a bitcoin trader who was tortured for his wallet passwords, show that no amount of account protection is sufficient on its own.
Many a netizen is subjected to fight these threats all by themselves and only with the tools they are able to get ahold of. Fortunately, investors are in a much better position than an average Joe. First of all, most brokerages worth their salt use SSL/TLS for web-based activity. It is a family of cryptographic protocols developed to provide the security of your communications. To see if your broker follows this practice, check their online address. It should start with https rather than http (the “s” is for “secured”).
Another crucial benefit that your broker most likely provides is all sorts of 2-factor authentications. A thing to keep in mind about this feature though is that while SMS 2FA has long been the most popular option, it’s no longer considered that safe. It is vulnerable to spoofing and cloning attacks, and thus should be given up on in favor of more reliable options. These may include:
- your physical presence in the branch,
- providing a government-issued ID,
- presenting a signed letter or a hardware token issued by the bank,
- using Google Auth, etc.
As to the second part of the topic - anonymity - there’s not too much you can do about it brokerage-wise. These entities are legally obliged to gather some of your identity-defining data to comply with anti-money laundering and anti-terrorism regulations. The positive thing is, they won’t give this information away to every Dick and Jane. Sure, gathering so much precious info in one place poses a high risk of exposure, leaks, and whatnot. And while it’s a necessary evil, that doesn’t mean you have to give up on your privacy completely.
Why am I stressing this subject matter so much? Because nowadays, we are faced by an unprecedented scale of government and corporate surveillance. With the repeal of net neutrality by the US Government, ISPs have been given full freedom to sell users’ personal information to third parties. Recent Facebook-Cambridge Analytica scandal further accentuates the importance of anonymity protection for any conscientious netizen. Let alone those who work with long-term value stocks!
No such thing as overprotection when it comes to your money
Allow me to introduce you to a security solution that synergises well with the aforementioned broker-applied measures. I’m talking about a technology called VPN (Virtual Private Network). You’ve probably already heard something about it, since the term is household these days (no wonder, considering VPN services’ handy functionality).
In its core, this technology consists of two components:
- encryption protocol to secure your data,
- tunneling protocol to ensure its untraceable transfer to the point of destination.
Some more elaborate versions, such as Business VPN by KeepSolid, offer numerous extra features, but those two are defining.
There is a number of benefits for an investor or a trader in the use of VPN services. First of all, it allows you to operate outside of trusted networks, or even when connected to a public WiFi. This would normally be a big no-no. Any WiFi owner (or a hacker who breached their way into the network) can easily sniff and intercept your unencrypted traffic, providing them full control over your funds and accounts. Well, with you having a VPN service on board, they will only see some incomprehensible gibberish instead of your data!
The second advantage results from VPN services routing your traffic through an additional node - VPN server - via a protected “tunnel”. As a result, anyone trying to monitor and track your activity will only be able to trace it back to the said server. Which, considering that all decent VPN service providers don’t store logs and host thousands of people using the same server simultaneously, makes this knowledge downright useless for the monitoring parties.
As a bit of a bonus, using a VPN server of your choice basically replaces your real IP with that of a server for any external observer. Which means that if an online service for some reason restricts accessing itself from your location (a common issue for video services), you can simply bypass geo-based block by logging via a foreign VPN server.
- Know and acknowledge the danger.
- Avoid brokers who don’t utilize SSL/TLS.
- Establish a thorough 2-factor authentication on your accounts (NOT the SMS-based).
- Use VPN as the last line of defense and when working in an untrusted environment.