Link Group (Link) is a global, digitally enabled business connecting millions of people with their assets safely, securely and responsibly. We invest heavily in digital transformation, data and cyber security. We’re pleased to announce we will be introducing multi-factor authentication (MFA) to Link’s Investor Centre. This will provide all Link portfolio account holders with further peace of mind when transacting within Link’s Investor Centre platform.
Partnering with Okta, an industry leader in identity and access management will increase the ongoing security administration for all our Link portfolio users.
As you may be aware, the introduction of MFA is an effective control as recommended by the Australian Cyber Security Centre (ACSC):
- There is evidence that global investment technology platforms are increasingly being targeted by automated attacks to log on to investor accounts, most likely by organised crime syndicates.
- Industry recommendations favour mandating the use of MFA/2FA solutions for sensitive portals to reduce the risk of data / privacy breaches and fraud.
- Sensitive, confidential, and privileged data has far reduced risk of potential data loss and exposure by implementing MFA methods to prevent fraudulent access, phishing attempts from credentials obtained via emails, and dark web data breach databases.
In Q1, 2023 we will be introducing some new, but simple registration steps together with updated login pages to our Investor Centre environment, as part of our MFA implementation project. The new registration steps being introduced will ask a Link portfolio account holder to create a username, password and enrol in a selected MFA method. The portfolio data will remain as it does today, in that it is not Issuer specific data and will not form any part of your registry or share plan records.
We are committed to ensuring the security of MFA data by maintaining effective security measures in line with our Information Security policies. The data that will be shared with Okta may include first and last name, email address together with an encrypted password. This will not include any shareholding information, transactional records, or sensitive data. Now that we will be introducing MFA, we are also updating our Investor Centre Terms and Conditions to make the links between these terms and our Privacy Policy more explicit.
The priority for us in our security upgrade is to ensure that the user experience is minimally impacted. Our pages will include helpful hints should shareholders need assistance. We have also updated our FAQs to ensure a smooth and successful registration and login journey.
As we move closer to the MFA release date, your Client Relationship Manager will keep you updated.