The NASD, based in Washington, D.C., issued two formal alerts, one for investors and the other for brokerage firms, offering guidance for protecting personal information.
"The Internet makes life a lot easier for investors on the go, but it also presents them with new and serious security concerns," Robert R. Glauber, NASD chairman and chief executive, said in a statement. "Investors have the responsibility to be vigilant when doing business on-line. But firms also have the responsibility to have the right policies and procedures in place to protect investor records and information."
Brokerage firms must have systems, policies and procedures in place to adequately address the risks posed by current technologies, and it's the NASD's job to make sure those safeguards are operating properly, Glauber said.
For investors, the NASD advised them to think twice about using the remember-my-username-and-password feature when accessing brokerage accounts, and recommended that they avoid using public Wi-Fi connections, called hotspots, for conducing confidential business.
"These hotspots are becoming more common and pose significant security threats," the NASD said.