Practice Management
Simple ways clients can protect themselves online
Ron Schekman
Information Security Manager
  • Cyberattacks routinely target personal financial information — as it’s very valuable.
  • Individuals can adopt simple safeguards to protect their own data.
  • Sound digital practices can provide an ongoing defense against theft of personal financial data.

It goes without saying that we’re more digitally connected than ever via e-mail, smartphones and the Internet. But while technology has made our lives easier in countless ways, it’s exposed us to an array of digital threats that seem to grow bolder and more sophisticated by the day. The headline-grabbing cyber attacks over the past year underscore the lengths to which hackers will go to steal our personal and financial information.

The most serious threat we face is the exposure of sensitive data such as financial or medical records. This can leave you susceptible to credit card fraud or identity theft, both of which are burdensome to clean up. Another major concern is “ransomware,” a form of malware that allows hackers to lock you out of your own computer until you pay a fee to regain access. The constantly evolving nature of cyber threats makes it impossible to ensure your complete digital protection.

Nevertheless, there are steps you can take to significantly improve your digital defenses regardless of the type of device you have. Here are some basic tips:

1. Check that automatic updates on your computer and cell phone are turned on.

This ensures that you’re running the latest version of an operating system, with the most current electronic protections. It’s a quick process. On an iPhone, for example, click Settings, then General, then Software Update and follow the steps. If you’re using Android, go to Settings, then System, open the Advanced section and choose System update. You should also make certain that third-party browsers such as Google Chrome and applications such as Adobe Flash are kept up-to-date or blocked.

2. Double-check that you have the latest antivirus software, which is essential in guarding against malware that hackers use to gain illicit entry to our devices.

Among the better-known purveyors of antivirus packages are Symantec and McAfee. There are many free offerings from providers such as AVG, Avast and Avira.

3. Keep careful track of passwords.

By now, it’s well known that passwords are essential for devices, e-mail and websites. Passwords should be complex and difficult to guess. That means no names, birth dates or easily identifiable strings of letters or numbers. Make passwords long — ideally at least a dozen characters — and never use the same password on more than one site.

It doesn’t matter how good your memory is — it’s impossible to remember every password. So you need a reliable way to store them. There are three options, each with virtues and drawbacks.

The first is an online password manager, which is a website or app that stores passwords. You type in a master password to gain access to other passwords. Some of the more popular offerings are 1Password, Dashlane and LastPass.

Of course, the risk of a cloud-based system is that the site itself could be hacked. To avoid that, you can store passwords in an encrypted program that sits directly on your phone or computer. The downside is that passwords kept on, say, a home desktop computer can’t be accessed when you’re elsewhere. Still, I prefer this option for its safety. Among the better-known offerings is Password Safe.

Finally, you can always jot down passwords on paper. But it’s easy to misplace slips of paper, so keep your list in a safe location.

4. Be careful about your digital behavior.

Beyond these measures, it’s important to develop good digital habits. Do not share extensive personal details on social media. Also, be alert to phishing scams, in which an e-mail purporting to be from a friend or legitimate company contains links or attachments that unleash malware. Unfortunately, these imposter e-mails have come to look ever-more authentic. Always exercise caution with unexpected e-mails from any source. If an e-mail directs you to a website, hover over the link with your cursor to see whether it matches the supposed destination. Even better, disregard the link altogether in favor of directly signing on to the website itself.

If you use public Wi-Fi, install a virtual private network app on your mobile device to encrypt your communications. There are a number of VPN options, including Private Internet Access and TunnelBear. As a further precaution, delete the public Wi-Fi network from your phone after you’ve disconnected. You can remove individual networks on Android devices, but iPhones only allow you to expunge all networks at once. At home, make sure your wireless service is secured with a strong password.

5. Always back up important files.

In addition to all these precautions, be sure to back up your data offline on a thumb drive or external hard drive, perhaps supplemented by a cloud-based service. This can guard against several problems, including a sudden glitch in an internal hard drive. The importance of backing up has been heightened by the emergence of ransomware. In a worst-case scenario, a ransomware scam could block a user from cherished files such as family photos.

As you can see, these measures can go a long way toward boosting your digital defenses. Most of them take only a few minutes to implement. Given the potential cost and inconvenience that a security breach can pose, it’s wise to make your devices as safe as they can be.


Ron Schekman is a Capital Group information security manager overseeing cybersecurity activities. Based in our San Antonio office, he has 22 years of technology industry experience and has been with Capital Group since 2007.

Learn more about


Investments are not FDIC-insured, nor are they deposits of or guaranteed by a bank or any other entity, so they may lose value.
Investors should carefully consider investment objectives, risks, charges and expenses. This and other important information is contained in the fund prospectuses and summary prospectuses, which can be obtained from a financial professional and should be read carefully before investing.
Statements attributed to an individual represent the opinions of that individual as of the date published and do not necessarily reflect the opinions of Capital Group or its affiliates. This information is intended to highlight issues and should not be considered advice, an endorsement or a recommendation.
All Capital Group trademarks mentioned are owned by The Capital Group Companies, Inc., an affiliated company or fund. All other company and product names mentioned are the property of their respective companies.
Use of this website is intended for U.S. residents only.
On or around July 1, 2024, American Funds Distributors, Inc. will be renamed Capital Client Group, Inc.
This content, developed by Capital Group, home of American Funds, should not be used as a primary basis for investment decisions and is not intended to serve as impartial investment or fiduciary advice.

Use of this website is intended for U.S. residents only.