DOL Cybersecurity Tips

Teresa Shawver, FPQP™, CPFA®
Manager of Advisory Service Standards

In an age of heavy reliance on technology, it is vital to take the necessary cybersecurity precautions and make sure that all sensitive information is highly protected. This document showcases some tips and tricks for plan sponsors.

Topics include: Security Standards, Establishing a Formal Cybersecurity Program, Using Multi-Factor Authentication, Cybersecurity Insurance, and much more.

Per the DOL, plan sponsors should ask the service provider about the following:

  • Security Standards
  • Security Practices
  • Security Policies
  • Audit Results
  • Security Validation Process
  • Security Levels Implemented
  • Past Security Breaches
  • Cybersecurity Insurance
  • Cybersecurity Guarantee

Per the DOL, plan sponsors should consider the following actions:

  • Establish a formal Cyber Security Program
  • Conduct annual risk assessments
  • Hire a third party to audit security controls
  • Define and assign information security roles and responsibilities
  • Establish strong access control procedures
  • If data is stored in the cloud or with a third party, conduct security reviews
  • Conduct cyber security awareness training
  • Implement a secure system development life cycle
  • Create an effective business resiliency program
  • Encrypt sensitive data
  • Respond to cyber security events

Per the DOL, plan participants should consider the following actions:

  • Register your account
  • Regularly monitor your account
  • Use strong and unique passwords
  • Use multi-factor authentication
  • Keep personal contact information current
  • Close or delete unused accounts
  • Do not use free Wi-Fi
  • Beware of phishing attacks
  • Do not store login information in your email account
  • Use up-to-date anti-virus software
  • Report identity theft to your employer and the record-keeper