Cyber Security Month: How We're Keeping Your Data Safe

By Rick Boeth, CISSP, CISM - October 23, 2017

Cyber security is a relatively new term. In fact, Merriam-Webster lists  its first-known use as 1992. When the internet became publicly available in 1991, a new crop of criminals was born—and with it, the term "cyber security" was coined. Now, cyber incidents like the Equifax breach, state-sponsored ransomware and campaign hacking seem to make headlines regularly.

Knowing that the financial industry is so often the target of cyber criminals, we take the necessary precautions to protect clients' hard-earned assets. That's the collective goal of our team: to retain your trust.

In honor of October's designation as National Security Awareness Month , we want to highlight ways to proactively guard against the threat of cyber criminals. Some of those, like the ones we touched upon in part one, start with you. Others are shouldered internally at American Century. Today we'll shed light on some of the controls we have in place to safeguard your personal information and your investments.

An Eye on Physical Security

Protecting information is a multi-layer process and starts with physical security: American Century has a professional security staff that oversees our facilities 24/7. Other physical security components include cameras, monitored alarms and access control systems.

Using Technology to Fight Back

Strong, multifactor authentication is one of the most important steps we can take to protect you and your account. With that in mind, we've implemented a login process that's both simple and secure.

When clients first access our site, they have the opportunity to register their computers. Behind the scenes, we create a special security key that is unique to a specific computer and only enabled with a matching password a client creates. Neither the password nor the key is stored in our systems. In subsequent logins, the password enables the use of the unique key. This combination of "something you have" (the security key on a computer) and "something you know" (a username and password) makes the process multi-factor.

A number of other technical controls are in place throughout our computing systems, including encryption, firewalls, intrusion detection, security event monitoring and anti-virus. Our information security specialists design and maintain technical security systems; in addition, we hire outside firms to augment the testing of our controls.

Common Sense Administration

One of the ways we can secure private information is to put in place internal controls, in terms of company policy. Here's how we do that:

  • Job duties are separated to avoid the possibility of an individual employee being able to transact without oversight.
  • We restrict access to client records to those whose job function requires it to perform their duties, and we review those permissions regularly.
  • We have implemented a multi-step approval process for granting an associate access to sensitive data.

Doing business in the cyber age means doing business online, and we want clients to be confident that we are focused on keeping private information secure. That's the idea behind our Security Guarantee. It's our promise to reimburse any individual investor American Century account if we conclude there was unauthorized activity resulting in a loss, and that the it was not the client's fault.

But this does require some common sense best practices on clients' part—not sharing login information with anyone, installing and maintaining recommended software updates on their computers, and frequently checking account communications and transaction history are among them.

Rick Boeth, CISSP, CISM
Rick Boeth, CISSP, CISM

Think Before You Connect

Read Part 1 of the Cyber Security Series: Think Before You Connect.

Read Part 1

More Tips

Get more tips on how to safeguard your account and identity.

Security Center
  • Related Articles
  • More From Author

Fundamental vs. Quantitative Investing–Same Goal, Different Process

You may be investing for retirement, a child’s education or building your portfolio for other dreams. To boost your knowledge, we break down two approaches to managing stock portfolios.

Trading One Risk for Another? Find the Right Balance

“Playing it safe” and cashing out isn’t always safer. Here’s how to balance the fear of losing money with missing a market rebound.

The Surprising Truth about Diversification

Diversification is often touted as the most important strategy in an investor's toolkit. But what is it? And what is it not?

    Identity Theft: Tips to Protect the Whole Family

    Spending more time online during the coronavirus outbreak? Get tips to protect your loved ones from scammers.

    Protect Your Data—and Your Dollars

    Are you in control of your online data? With data breaches in the headlines more and more, get tips to safeguard your info and protect your finances.

    Don't Be Haunted by Identity Theft

    Anyone can be a victim of identity theft. And when it goes unnoticed, the financial damage can take years to repair.

      The opinions expressed are those of American Century Investments (or the portfolio manager) and are no guarantee of the future performance of any American Century Investments' portfolio. This material has been prepared for educational purposes only. It is not intended to provide, and should not be relied upon for, investment, accounting, legal or tax advice.