ATO provides cyber security tips for SMSFs

In the wake of the recent Optus cyber attack, the ATO and Australian Cyber Security Centre have outlined some important steps to help trustees keep their data safe.

 

Following the recent Optus data breach, which saw the personal information of 10,000 customers exposed, the ATO said the Australian Cyber Security Centre (ACSC) will be sharing guides and resources that will help individuals protect their information from cyber criminals.

In an online update, the ATO warned that cyber criminals hack devices by using known weaknesses in systems or apps.

“Check your devices for updates, and turn on automatic updates so that future updates are made straight away when charging and in Wi-Fi,” the ATO advised.

The ATO said individuals should also ensure they’re using multi-factor authentication.

“Multi-factor authentication (MFA) is a security measure that requires at least 2 proofs of identity to grant access. MFA options can include a physical token, random pin or fingerprint,” it stated.

“Using MFA significantly boosts your protection against criminals. While they might manage to steal one proof of identity, like your password, they will be locked out of your account without the other.”

The ATO said it is also important to back up data by saving copies of files on an external storage device or an online server like the cloud.

“It means you can restore your important information if something goes wrong. Setting up automatic backups in your system or application settings will give you peace of mind,” said the Tax Office.

For more detailed guidance and to find out more about the latest cyber threats, individuals and SMSF trustees can visit cyber.gov.au, the ATO said.

 

 

By Legal
28 September 2022
smsfadviser.com
