Last Updated: December 5, 2018
Be aware of potential threats, steps you can take to protect yourself, staying informed and reporting Fraud or Suspicious Activity to BBH.
At BBH, the security of our client’s information is paramount. As part of our Information Security Program, we employ technology and processes to protect our clients’ information. However, there are steps you can take to help further protect your information.
The purpose of this page is to provide you with suggestions regarding actions that you can take to ensure the protection of your information.
Be aware of potential threats
To protect your information, it is important to be vigilant to the potential threats that exist today. Cyber criminals looking to obtain confidential and/or personal information from an individual or company often employ deceptive techniques to “trick” people into readily handing over such information (i.e., phishing) or unwittingly opening themselves up for security attacks (i.e., spoofing). These techniques can include, but are not limited to, emails appearing to be from legitimate sources, internet “pop-ups”, and online advertisements hiding malicious viruses or malware, fake websites, etc.
In today’s world, it is critical to be cautious when accessing and sharing your personal and confidential information online and in your daily interactions. The following are some important considerations to be mindful of while performing your daily business and personal routines:
- BBH's website address is https://www.bbh.com. All legitimate communications from BBH will come from a bbh.com domain. All others should be considered suspect. If you have any questions about BBH's website or suspect you may have received a suspicious BBH link or BBH email you may call your BBH Relationship Manager or contact BBH at any of our main locations.
- Be cautious of any emails requesting personal or confidential information. Under no circumstances will BBH ever contact you on an unsolicited basis (by telephone, email or otherwise) and request that you provide your logon credentials, electronic banking or other personal information.
- Do not share personal information with anyone whom you are not familiar with or trust.
- Access your accounts regularly and monitor activity for possible fraud.
- Institutional banking clients should perform information security risk assessments of the related controls in their environments periodically in accordance with their institutions applicable programs.
- Not all public Wi-Fi networks are secure, especially in café's, hotels, and airports. Learn what to look for and how to protect yourself when using these networks.
Steps you can take to protect yourself
In addition to being aware of potential online security threats, there are several steps that can be taken to enhance the security of computer, network or personal devices. Below are some points to consider for protecting the integrity of personal and confidential information on these devices. For additional information, please refer to the Stay Informed section below.
For all internet capable devices, refer to your device's security protocols for a complete list of security related options, and consider the following:
Securing the Computer
- Enable automatic updates on security software
- Enable personal firewalls as a protective barrier between the user and the internet
- Operating systems should be updated to the latest version
- Patches from the vendor should be updated on a regular basis
- Web browsers should be updated on a regular basis
- Web browsers should be configured to use the strongest encryption available
- Virus protection and anti-spyware software should be installed and updated regularly
- Periodic full scans should be performed
- Where possible, access to the device should be limited to only the required individuals
Securing Wireless Networks
- Wireless networks should be configured to use the strongest encryption available and password protected
- Older, out dated wireless equipment should be replaced with newer, more secure models
- Default router names and default passwords that were assigned by the manufacturer should be changed during installation
- Wireless networks should be disabled if they are not going to be used for long periods of time
Securing Personal and Confidential Information
- Where possible, passwords should be complex and unique to each individual account
- Passwords should be kept secure and not shared with anyone
Sharing personal and confidential information should be limited to trusted individuals and should only be provided as required via secure websites
- The transmission of personal and confidential information in an email should be limited as most email systems are not secure
- Important files should be backed up on a regular basis
- Always "logout" of online sessions when exiting to ensure the session is completely terminated -simply closing the browser may not terminate the sessions completely
Securing Mobile Devices
- Enable the password lock functionality
- Enable idle timeout to automatically lock the device when not in use
- Operating systems and installed applications should be kept up to date
- Where possible, encrypt data residing on personal devices
- If disposing of a personal device, all personal data should be permanently deleted from the device's data storage media
- Simply deleting the file names may not permanently remove the data so use the device's wipe features, or look for products designed to prepare a device for disposal
There are many resources available online that provide information and tips about staying secure while on the internet. Take the time and stay informed.
- The Federal Trade Commission's (FTC) website is a resource for institutions and individuals alike. Throughout the site, there are tips and information on preventative security and what to do in case of fraud.
- The Department of Homeland Security (DHS) website has many topics and links about the responsibilities of the DHS including many useful tips and information sources.
Reporting Fraud or suspicious activity to BBH
If you have a question regarding any BBH correspondence, or suspect any suspicious or fraudulent activity, please contact us at any one of our locations or by calling your BBH Relationship Manager directly.
Locations can be viewed here: https://www.bbh.com/en-us/contact-us/office-locations