This Q&A is with Linda Ding of California-headquartered Laserfiche, a provider of ECM, BPM and document management system solutions, about what the firm does and why, cybersecurity and other fintech-related matters. Ding is a financial services program senior strategist.
What is Laserfiche and how has the firm developed since its inception in 1987?
Laserfiche is a global technology company focused on enterprise content management (ECM) and business process automation solutions for highly regulated industries such as financial services, education, government and healthcare. For wealth management firms, Laserfiche ECM software is used in business processes including new account opening, compliance document reviews, wire transfer, accounts payable, claims processing, contract management, human resources, vendor management and other areas.
How do you meet the needs of such a diverse client group?
Laserfiche’s client base shares common challenges and requirements in digital information management. All of these industries host repositories of highly sensitive business and client information that must be accessible yet secure. In addition, these organizations face complex regulatory compliance issues, which entail labor-intensive and highly regulated procedures. Laserfiche provides secure document management tools, as well as workflow automation tools that help users to streamline their daily business management tasks.
There isn’t a one-size-fits-all option when it comes to cybersecurity. What are the most important steps that advisors can take to improve the safety of their operations?
As stewards of their clients’ most important financial and personal data, advisors are common targets of malicious attackers. Attacks can range from attempts to gain access to clients’ sensitive data to using advisors as an attack vector to gain access to larger trophies—the organizations that these high net worth individuals represent. The ransomware attacks targeting hospitals and municipal governments that are in the headlines may soon spread rapidly to wealth management firms that cannot easily recover from the embarrassment of sensitive client information being held hostage.
Since there’s no foolproof way to prevent cyberattacks, the best defense is a good offense to reduce the impact of a cybersecurity breach. Firms should have a “defense-in-depth” security program that includes network security, intrusion detection and prevention, malware prevention, patch management, security awareness training and back-up/recovery strategies.
Since phishing and other methods are commonly used to perpetrate malware and ransomware, advisors should be trained to detect and avoid opening malicious content such as unsafe URLs and suspicious documents. Wealth management firms should have a security incident response plan that is tested and updated regularly. Storing vital records and critical business information in an ECM system—along with a robust back-up and recovery strategy—will help organizations respond to and manage cybersecurity incidents.