Yieldstreet cares very deeply about the security of your account and data. In an era where website hacks, data compromises, and commerce on the dark web are a matter of daily news, a security breach in one place can render your accounts at other unrelated places vulnerable, and open to compromise.
At Yieldstreet, we take stringent measures and go the extra mile where security is concerned. From securing our infrastructure, to encrypting sensitive data whether at rest or in transit, and using advanced AI and pattern recognition to detect unusual behavior, we follow industry best practices on every front. While the list of technologies we use to ensure your data is protected is extensive, there is a lot that you, as an investor, can do to safeguard your account information.
There are some simple steps you can take to improve the security of your digital footprint. These recommendations are highly relevant to your Yieldstreet account. Ideally, you should consider using these tips across the board to prevent anyone from taking over accounts containing sensitive information. Below we summarize key steps you can take to protect yourself and secure your personal data:
Keep passwords long and random. Passwords should be at least 16 characters or the full length of the website’s login form. We realize that this is easier said than done, but actually the best way is for you to not know what any of your online passwords are. We recommend using random password generators. Many browsers will generate these for you on signup forms but you can also generate them online at sites such as passwordsgenerator.net, dashlane.com/features/password-generator and the pwgen utility for those who like working off bash shells.
Using a password management tool like Bitdefender, Dashlane or 1Password makes this process easier because then you are only required to remember the password to your password management tool. We recommend 1Password—we use it ourselves at Yieldstreet.
Do not write passwords down in text files or notepads and keep rotating them every 3-6 months. Most importantly, never reuse passwords across sites as this is one of the most common causes of account takeovers. When one site is compromised, every other site you have used the same password becomes automatically vulnerable, no matter how secure it is.
Multi-factor authentication is a way to provide an added layer of security to your online account. MFA acts like a series of doors that must be unlocked before entering an online property. The ‘front gate’ is typically protected by a username and password. This is the most obvious barrier and can be compromised by a hack. With MFA, the second door also needs to have a key, one that no one other than you possess, making your online accounts more secure.
We recommend enabling MFA on every online account and inquiring with the service provider if it’s not a readily available option. In the case of Yieldstreet, we provide two factor authentication via Authy.
The most secure form of MFA is a hardware option like a Yubikey. The safest non-hardware option is an authenticator app like Authy or Google Authenticator. The least secure mechanism is SMS or text messaging because it is not tied to a physical device you own (like your phone) but rather the SIM card in it. This leaves it open to compromise through hacking techniques like SIM swapping.
Websites you visit range from highly secure and responsible, to careless to downright malicious. Be careful while browsing. Most modern browsers do this for you, alerting you to vulnerabilities in the sites you visit. At the simplest level, don’t ignore these warnings.
Secure data transit. Be sure that the websites you log into and share information with have a valid HTTPS certificate. This certificate signifies that the data being transmitted between you is encrypted in-transit to prevent external parties from snooping in on your interactions. Modern browsers make this visible to you by putting a little lock icon on the right of the website’s address.
Use an ad-blocker. Attackers are buying up advertising space to inject ads with malware that can do harm to your computer and your data. Ad-blocker extensions like uBlock , AdBlock Plus or AdGuard maintain lists that block ads that are known to be malicious.
Here’s an easy checklist for ensuring website security.
Email is often vulnerable to attackers who try to take your information by either sending you malicious attachments or impersonating someone else (also known as Phishing).
To prevent being the victim of phishing, adopt the following habits:
Phones are essentially portable mini-computers and are susceptible to the same kind of risks. They also have an added category of risk due to their functionality as telephones.
Here are a few things to be aware of with your smartphone:
Theft or loss of a phone isn’t just a financial hit, you might also lose personal information like photos and videos unless you back up regularly. More importantly, however, losing your phone can be a security liability if the lost device falls into the wrong hands. Here are a few preventative measures you can take:
There are many ways that attackers might try to steal your identity. A compromised identity is possibly the most dangerous aspect of a lapse in your online security. It can lead to a whole host of issues that are difficult and time-consuming to resolve.
Use an identity monitoring service like Lifelock. Take immediate action when this service sends you an alert, even if it is simply to check and dismiss a false positive.
Keep your credit information on major providers such as Equifax, Experian, and Transunion frozen at all time and only unfreeze it for specific purposes, like applying for a loan, credit card, or mortgage.
With banking and financial practices increasingly becoming available online, it is important for investors to take responsibility for their digital footprint. With YieldStreet’s robust security measures and your own vigilance as a user, many of the easily preventable issues that surround account security can be avoided.
Yieldstreet provides access to alternative investments previously reserved only for institutions and the ultra-wealthy. Our mission is to help millions of people generate $3 billion of income outside the traditional public markets by 2025. We are committed to making financial products more inclusive by creating a modern investment portfolio.