Pension Funds Insider

Pension Funds Insider brings the latest pensions news and industry insights; from investment and governance updates to new mandate appointments and pensions regulatory information.

Latest news DC and Auto Enrolment Governance Investment Legal and Regulatory Mandates News and Research Opinions Risk Management Trusteeship

Security firm calls for pension scheme safeguarding

Friday, July 31, 2015

Image for Security firm calls for pension scheme safeguarding

Veratta has urged the government to do more to help protect pension scheme members and their sensitive information from scammers.

Specialist pensions data management and software firm Veratta's chief operating officer Monica Cope, said the advance of technology means sensitive information is at greater risk than ever.

She said: "The increased use of cloud computing and web-based applications, coupled with the evolving pensions landscape, means information is exposed to a much wider variety of threats and vulnerabilities than it has ever been before."

Cope added that an abundance of serious security risks are not being given enough attention by either the industry or the government – and she called on the government to take measures.

"More rigorous controls, particularly around processes and technology, should be enforced upon organisations handling sensitive pension scheme information to protect the confidentiality of information and to minimise the likelihood of unauthorised disclosure – whether accidental or deliberate."

The pensions sector has a history of high levels of fraud that has impacted levels of public trust and is behind the curve when it comes to information security.

It's something that needs to be addressed soon, according to Cope.

"Unless it is addressed we could find ourselves dealing with huge problems caused by fraudsters, quite aside from a population of extremely disgruntled members and pensioners," she said.

The introduction of a mandatory information security framework by the new government is one way of addressing the issue and restoring public trust.

The framework would address data inequality issues, as well as enhancing and preserving data integrity and availability.

"This would be our ideal scenario and the framework would incorporate the basic controls of the Cyber Essentials Scheme and key elements of ISO27001, the international standard for information security best practice," said Cope.

"It is crucial for the future of pensions that as an industry information and data security is taken just as seriously as in other industries."

First published 30.07.2015

Lindsay.sharman@wilmingtonplc.com