Happy Mother’s Day! The Weatherly crew thanks mothers everywhere for their impact on our lives and communities.
Blog
Account Access

You're Leaving Our Website...

You clicked a link to an external page which may not be affiliated with this site.

Cancel
Continue
Weatherly Client Portal
Fidelity
Charles Schwab
Fidelity Charitable Gift Fund

Just like a home needs regular clean-up, your digital footprint deserves some consideration, too. Welcome to the world of digital housekeeping—where decluttering your devices isn’t just satisfying; it’s critical for productivity, peace of mind and cybersecurity. Today’s ever-changing landscape of new mediums and technology have made digital housekeeping even more important. Whether it’s to protect you against bad actors, help keep you organized and engaged, or for future planning, these tips will help you determine what to keep, what to toss, and how to file it.

What Is Digital Housekeeping?

Digital housekeeping refers to the tasks and practices involved in setting up, maintaining, and organizing digital devices, accounts, and data within a home or organization. It encompasses activities like managing software, optimizing online profiles, securing devices, and ensuring efficient data storage. Essentially, it’s the digital equivalent of traditional household chores, but focused on the digital realm. It can be hard to tell when it’s time to tidy up your digital footprint. Some common signs that you need cleaning up are slow devices, full storage, disorganized files, and digital overwhelm.  

Ensure your digital valuables are secure and accessible to trusted contacts & professionals 

We believe that when it comes to digital housekeeping, one of the most important areas to keep “tidy” is your vital files/essential records.  This includes, but is not limited to, documents such as tax returns, business contracts, and estate planning (trust, will, POAs, etc.).  It is crucial for family and trusted professionals to have access to these in case of an emergency.   To accomplish this, it is best to implement a multi-faceted approach involving secure storage, organized access points, and open communication. 

Secure storage for digital documents 
  • Scan and upload digital copies of important documents to a secure cloud storage service. 
  • Protect these files with passwords and encryption for maximum security. 
  • Keep an inventory of these documents.  It is important to have the most recent version readily available. 
Organized access points 
  • Create a system where folders and files are named descriptively and consistently. 
  • Consider keeping a digital asset inventory that includes login information and passwords for online accounts. 
  • Many modern estate plans (state dependent), fall under RUFADAA -Revised Uniform Fiduciary Access to Digital Assets Act. Trust & Will states that “RUFDAA extends the power traditionally given to the Executor of an Estate or Trustee when managing someone’s tangible assets to include their digital assets as well.” 
Sharing Information with trusted individuals 
  • Have a conversation with your estate planning attorney/team to see if access for trusted individuals is included in your current plan. 
  • Inform a trusted family member, attorney, or executor about the location of your important documents as well as instructions of how to access them (if necessary) 
  • Provide copies of relevant documents to those who may need them. 
  • Regularly review and update your documents and inform your representatives of any relevant changes.

The Core Areas of Digital Housekeeping

With your important documents at top of mind, here are some things you can do to use digital housekeeping to your advantage: 

Decision making—what to keep, what to toss, what to decide later 
  • Certain documents should be saved for at least a few years, like tax returns. IRS guidelines recommend at least 3 years. 
  • Others should be saved in perpetuity, like up-to-date estate and trust documents. 
File and folder organization 
  • Set up your “closet” or “library” folder structure with sustainability/scalability in mind 
  • Staying consistent with a naming scheme can help you locate documents more easily as well as file based on the type of document you’re working with.  For example: YYYYMMDD_TAX_RETURN_SMITH_J 
  • If you are very comfortable with technology, consider utilizing metadata tags on your files.  This use of descriptive labels can further help categorize your files for easy searching and retrieval. 
Email Cleanup 
  • Monitoring and cleaning up your email accounts can also aid in the digital housekeeping process. Using folders for common emails you receive, unsubscribing from newsletters you don’t read, and archiving or deleting old emails can keep your accounts clean and consistent. 
Device Performance 
  • To help your devices perform at optimal levels, you can leverage the following steps: 
  • Clearing out cache and any temporary files 
  • Deleting unused apps or software 
  • Regularly update your software and run security checks 
  • Consider a secure external storage system i.e. encrypted hard drive or cloud storage 
Preserving your memories 
  • Family and personal mementos deserve space to live on, too! Consider storing personal nostalgia in its own folder, where you and your family can tap into memories fondly and efficiently 

 Tips for Building Digital Housekeeping Habits

For many of us it has been a long time (if ever) since we have spent quality time on digital de-cluttering.  Like many tasks, it can feel daunting and overwhelming at first, so it’s best to start small!  To begin, consider implementing one of the following into your routine. 

Schedule a monthly or quarterly “digital declutter” session. 
  • This can be as simple as deleting unneeded items from your desktop or downloads folder! 
Adopt a “one in, one out” policy for apps and subscriptions. 
  • So many times we have old apps and subscriptions that we aren’t even aware of.  Take the time to delete an old one prior to enrolling in something new. 
Automate wherever possible (backups, updates). 
  • Turn on automated updates and backups.  This will help keep your data up to date and secure. 

 Benefits of Digital Housekeeping

Just like tidying up your home, engaging in digital clean up can bring numerous and surprising benefits. 

Improved efficiency and productivity 
  • Digital housekeeping makes it easier and quicker to locate emails, files, photos, and other digital assets. 
  • A clean and tidy digital space allows for workflows to run smoother, whether it’s for work related tasks or personal projects. 
Faster device performance 
  • Deleting unnecessary files and apps frees up valuable storage space which can extend the battery life and overall performance of your devices. 
  • Reduced stress and digital overwhelm 
  • A cluttered digital environment can contribute to mental fatigue and stress. Digital housekeeping helps increase focus by eliminating distractions. 
  • A clean and manageable digital space can lead to a greater sense of control and calm that can be carried through other areas of life as well! 
Better digital security 
  • Although it’s easy to put our digital “messes” on the back burner, all it takes is one small breach to uncover all the clutter we’ve procrastinated cleaning up.  By keeping your digital assets tidy, secure, and up to date you are protecting yourself and your privacy online.  

 How Weatherly Can Help 

We welcome clients the opportunity to upload to our secure portal: 

  • Recent tax returns 
  • Updated estate planning documents, including wills, trusts and POAs – this also allows our team to review documents for language dedicated to digital assets 
  • Weatherly’s CIRAL (Client Information Release Authorization Letter) which details your trusted 3rd parties to which we can share information in case of an emergency 

Additionally, our 7 Steps to Better Cyber Security is a wonderful resource to review through the digital housekeeping process to keep your digital security at top of mind.  So, no matter where you choose to start, be it decluttering your inbox, or organizing file folders, a digital clean up streamlines your digital space, enabling you to work more efficiently and focus on what truly matters. 

Further Resources:

Lassen, Kjersti. “The Rise of Digital Housekeeping: The Hidden Work of Smart Technology.” OsloMet, 20 Dec. 2024, www.oslomet.no/en/research/featured-research/the-rise-of-digital-housekeeping. 

Horst, Heather, and Jolynna Sinanan. “Digital Housekeeping: Living with Data.” Sage Journals: Discover World-Class Research, 12 Apr. 2021, https://journals.sagepub.com/doi/full/10.1177/1461444820953535#:~:text=The%20first%2C%20what%20we%20will,everyday%20data%20in%20our%20lives. 

Luftman, D. “What is RUFADAA-Everything You Need to Know” Trust & Will. https://trustandwill.com/learn/what-is-rufadaa#managing-digital-assets-under-rufadaa

“File an Amended Return.” Internal Revenue Service, 8 May 2025, www.irs.gov/filing/file-an-amended-return.)

*Disclosures:* The information provided should not be interpreted as a recommendation, no aspects of your individual financial situation were considered. Always consult a financial professional before implementing any strategies derived from the information above.

Blog content is human-generated by the Weatherly team members.  AI was used to assist with generating titles and subtitles.

 

 

Cyberattacks continue to evolve in terms of sophistication, pervasiveness, and impact. Back in 2018, our team blog scratched the surface of big data, analytics, implications for information sharing, and data compromise. Each cyber-attack, targeted or unleashed, has created not only serious disruption and headaches but true opportunities for professionals and individuals to have their information security at front of mind in all daily activities. Changes since the 1988 Morris Worm include increases in cyberwarfare, government espionage, corporate espionage, ransomware attacks and hacktivism. Stolen email addresses and credentials impacted millions, including Adobe, Yahoo, and Sony. Early large scale financial and credit card data breaches included Equifax, Target, and Mastercard. With COVID-19, we saw a shift to remote work, as well as more online commerce, only increasing the information security breach vectors of both businesses and individuals. 

In 2021, we’ve seen cybercrimes’ basis shift to supply chains. Data security executives note that the fall out of the late 2020 early 2021 Solar Winds highly sophisticated data exfiltration event may take months or years to be fully realized (Gately, 2021). This breach of national security exposed vulnerabilities in global software supply chains, affecting government as well as private systems.  

Got gas? 

In early May 2021, the ransomware attack on the US Colonial Pipeline showed us how a single password although complex, naked of the protection of multifactor authentication, could result in the compromise of a critical infrastructure network managed by a private company. Fuel shortages at airports and filling stations coupled with panic buying brought rapid national attention; often with raised eyebrows on other critical infrastructure vulnerabilities (water, electric grids).  Russian operatives such as Darkside intend to capitalize monetarily on security vulnerabilities, oftentimes staying less detected via cryptocurrency payments.  

National Security, trust me. 

In Mid-May 2021, as the Colonial Pipeline attack unfolded, US President Biden prioritized Cybersecurity efforts at the federal level (White House, 2021). His Executive Order on Improving the Nation’s Cybersecurity addresses policy, removing barriers to sharing threat information, modernizing federal government cybersecurity, enhancing software supply chain security, the establishment of a cyber safety review board, standardizing the federal government’s playbook for cyber vulnerabilities and incident response; threat detection improvements on federal networks, improvements in the federal government’s investigative and remediation capabilities,  and national security systems.   The “zero trust architecture**” (NIST’s set of standards) serves as a fundamental pillar of the security strategy outlined in the executive order. 

Where’s the Beef? 

Another ransomware attack targeted at JBS Foods in June 2021, with the potential of prolonged food supply chain disruption across 100 countries. Similar to the Colonial Pipeline, cybercriminals are preying not only on government operations and wallets, but on the nation’s individuals’ psyche… our level of trust in economic players to protect information, resources, and infrastructure, and ultimately our safety. 

3rd Party 4th of July Party  

Over July 4th weekend, the US saw how a point of compromise for businesses (and individuals!) is often times the trust between a vendor (software provider) and a client (you and me).  The Kaseya ransomware attack was yet another zero-day attack (an instance where a newly discovered software vulnerability is exposed, but an exploit occurs prior to the developer’s release of a patch). Because this attack targeted MSP (Managed Service Providers), this is the stuff that small business nightmares are made of.  As small, mid, and large businesses often contract their managed services (I.e IT, network management, etc) to third parties, it makes complete sense that hackers would target this large vector.  

Geopolitical efforts to collaborate on defensive and proactive strategies to combat the growing threat landscape are constantly adapting. This whitepaper from 2020 details certain global efforts and entities working towards holistic threat defenses. While certain nations adopt data privacy regulations, the border-less-ness of internet content traffic and information sharing can make collaborative approaches especially challenging. 

Understandably, when the world sees a DDOS event (distributed denial of service) that pulls down websites like Fedex, UPS, Delta, etc.., we first think there is a bad actor involved.  In the recent Akamai Edge service outage, however, the company stated it was related to an intentional update that caused the disruption, which was resolved by rollback within an hour. 

Impacts on Businesses, Families 

Economic impacts of supply chain cyberattack have immediate and long-term impacts on companies’ and individuals’ bottom lines.  In general, we see a shift towards security-focused investments by businesses. The investment in security can come with a high up front price tag, forcing small businesses and individuals to make calculated risks in choosing not to update their systems and devices. While businesses sometimes choose to purchase data-breach or cyber insurance, it oftentimes affords the business just enough to cover the cost of forensics and remediation after an actual event.   

Families as well as business are having the cyber conversation more than ever. The hack on San Diego Unified’s systems in 2018 uncovered how lower funded municipal services’ systems are especially at risk. With the shift to remote learning during the pandemic, our vulnerabilities as families widens, as information sharing in public academics now includes children ages 5+ in our county. Gamers, students, Moms, and Dads alike have to think like businesses; similarly, businesses need to think like families. With information sharing comes great responsibility. 

Navigating the Cyber Sea 

Per current events, it is an unfortunate truth that cybercrime is an ongoing threat that continues to evolve and impact our lives. As much as we want to prevent it entirely, cyber security isn’t an absolute. You aren’t either insecure or totally secure. There is a gradient, and it pays to ensure that you are striving to be on the “most secure” end of the spectrum. Below are 7 tips to help smoothly sail the cyber sea. 

  1. Second check before you click & slow down before you share. Although it may sound a bit extreme- trust NO ONE (online). Phishing emails often look as though they have been sent from a legitimate organization or someone who knows the end target (you), to entice clicks on malicious links or attachments. If you are ever unsure, pick up the phone to verify the validity of the email in question. 
  2. Do not duplicate passwords across accounts. When you use the same password for multiple accounts you open yourself up to a cyber-attack known as credential stuffing. All a hacker needs is your information from one poorly defended site and suddenly, they can access any other account where you use the same login information (“Are Your Passwords,” 2020). Length is the primary strengthener when creating a robust password. We suggest a minimum of 10 characters and have found that using a sentence is a great way to create a long password that you will not forget!  
  3. Keep your software updated. Running outdated software is an open invitation for cyber criminals to exploit known flaws and gain access to your system. Software companies regularly push out new updates to patch identified errors, making them (and you) less likely to become a target of cybercrime. The best way to ensure your software is current is to enable automatic updates on your system(s). 
  4. Back up your data. Perform frequent backups of your system and important files and verify your backups regularly. If a ransomware infection were to occur, you can restore your system to its previous state (sans ransomware) using your recent backup(s). Store your backups on a separate network or device such as the cloud or an external hard drive. Ensure that these backups are secured with the utmost protection such as MFA (#5). 
    • Encrypted/Protected External Hard drive: These allow for fast data transfers and large storage capacities. Look for ones that are encrypted and require a padlock password. 
    • Cloud: iCloud, Google Drive, and Dropbox, are some of the most well-known cloud-based services. Many of these come with limited free storage space and a paid option for additional storage if needed. 
      • When choosing a cloud-based storage, ask; Do they have privacy and security settings I can adjust? Do they use encryption to protect my data? 
  5. Enable Multifactor Authentication (MFA) whenever available. MFA adds an additional layer of protection to the sign-in process and is widely available for many of your most sensitive logins. When accessing your data, you will be required provide additional identity verification(s), such as scanning a fingerprint, answering personalized questions, or entering a code received by phone. Use of anything beyond a password significantly increases the work for attackers to access your data, lowering the risk of you getting hacked in the authentication process!
    • Click here to learn more about setting up MFA on your Fidelity.com login 
    • Click here to learn more about setting up MFA on your Schwab.com login 
  6. Insist on Information Security (Infosec). It is essential to ensure that when working with anyone who has your personal information (SSN, date of birth, acct #s, etc), that they will not misuse or disclose it to outside parties. Be certain that these professionals can and will safeguard your personal identifiable information (PII) to best of their ability. Take the initiative and inquire what secure method(s) they use for the bi-directional exchange of information. Some common examples include encrypted emails, secure portals (Weatherly’s preferred method), or password protected documents. 
  7. Upgrade your upgrade process. Your devices (laptops, tablets, cell phones) contain more information than you may think! Whether it be financial or personal, before disposing of your old electronic devices, it is important to delete your information from the hard drive so that it does not end up in the wrong hands. Before letting go of your old devices: 
    • Back up your information (#4) 
    • Sign Out of Accounts, Disconnect Devices, and Erase Your Hard Drive 
      • After you have saved your personal information (cloud, external hard drive, etc), sign out of all your online accounts. It is also best to un-pair your computer from Bluetooth devices (mouse, keyboard, wireless display, etc.) 
      • Erase your computer’s hard drive and reset it to factory settings.  
    • Safely Dispose of your device 

When it comes to cybercrime the most harmful thought you can have is, “it won’t happen to me”.  Cybercriminals don’t discriminate, so in a way, fighting cybercrime is everybody’s responsibility.  At Weatherly we consider it our obligation to not only uphold our own best practices, but to be a resource for those joining the fight against cybercrime. Please do not hesitate to reach out to our team with any questions. 

 

Sources: 

Gately, E.  (2021, July).  Kaseya VSA Ransomware Attack, SolarWinds Hack share many similarities.  Channel Futures.  Security.  Retrieved from https://www.channelfutures.com/security/kaseya-vsa-ransomware-attack-solarwinds-hack-share-many-similarities 

Ruhl, C. et al.  (2020, February).  Cyberspace and Geopolitics: Assessing Global Cybersecurity Norm Processes at a Crossroads.  Carnegie Endowment for International Peace.  Retrieved from https://carnegieendowment.org/files/Cyberspace_and_Geopolitics.pdf 

POTUSA- Biden, Joseph (2021, May).  Executive Order on Improving the Nation’s Cybersecurity.  Presidential Actions.   Briefing Room. Retrieved from https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/ 

Are Your Passwords Putting You at Risk for a Cyber Attack? (2020). Retrieved from https://www.atsg.net/blog/passwords-risk-cyber-attack/  

https://www.marketwatch.com/story/buying-a-house-heres-how-to-ensure-your-confidential-financial-details-remain-secure-2019-05-29 

 

 

Vocab/Acronyms 

CIS- Center for internet security  

ATP  – Advanced persistent threat 

DdOS – Distributed denial of service attack 

IOC –Indicators of Compromise 

RAT – remote access trojan 

MFA – Multi Factor Authentication 

PII (Personal identifiable information) – defined as any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means 

 

**Zero Trust Architecture 

a security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries.  The Zero Trust security model eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.  In essence, a Zero Trust Architecture allows users full access but only to the bare minimum they need to perform their jobs.  If a device is compromised, zero trust can ensure that the damage is contained.  The Zero Trust Architecture security model assumes that a breach is inevitable or has likely already occurred, so it constantly limits access to only what is needed and looks for anomalous or malicious activity.  Zero Trust Architecture embeds comprehensive security monitoring; granular risk-based access controls; and system security automation in a coordinated manner throughout all aspects of the infrastructure in order to focus on protecting data in real-time within a dynamic threat environment.  This data-centric security model allows the concept of least-privileged access to be applied for every access decision, where the answers to the questions of who, what, when, where, and how are critical for appropriately allowing or denying access to resources based on the combination of sever 

 

The US Department of Labor (DOL) issued its final rule regarding the conflict of interest and fiduciary rules for personal retirement accounts on April 6th 2016. This has been a heavily debated topic in the investment community in recent years with the ultimate goal of improving the standard of advice within the financial industry. The DOL’s ruling addresses the personal retirement account space, updating an outdated framework regarding conflicts of interest and extending the fiduciary standard of care to financial professionals throughout the industry who were previously held to the suitability standard.

How does this apply to Weatherly and our clients?

Weatherly is a comprehensive wealth management firm registered with the Securities and Exchange Commission and defined as a registered investment advisor (RIA). We have been held to the Fiduciary standard of care since the inception of the firm in 1994 and strive to deliver the highest quality of investment advice to our clients while upholding the fiduciary standard. Although the new guidelines do not directly impact Weatherly and how we work with clients, the new ruling does have a significant impact on the industry overall increasing quality and accountability.

Fiduciary Standard vs. the Suitability Standard

The fiduciary standard of care, established under the Investment Advisors Act of 1940, applies to advisors/wealth managers registered with the Securities and Exchange Commission or state regulators. The standard holds advisors to a duty of loyalty and care, which requires financial professionals to act in the best interest of clients at all times. Advisors must obtain complete and accurate information before delivering investment advice. In addition, advisors must avoid conflicts of interest and disclose potential conflicts to clients prior to providing investment advice. Lastly, a fiduciary must also apply a best execution standard when completing transactions on behalf of a client, which requires both low cost and efficient execution.

The suitability standard is much different in scope, this standard applies to financial professionals registered with the Financial Industry Regulatory Authority (FINRA) – including broker dealers, insurance professionals, investment salesperson etc. The suitability obligation dictates that the professional must only reasonably believe that a recommendation is suitable for the client and is in their best interest. The professional is not responsible for monitoring an investment after the initial purchase, having complete and accurate information regarding the clients overall financial situation, or operating with a duty of loyalty to the client. Investments can be suitable for a client but inferior in quality to other investment offerings of similar nature.

Additional information here:

http://www.investopedia.com/articles/professionaleducation/11/suitability-fiduciary-standards.asp
http://financialplanningcoalition.com/issues/fiduciary-standard-of-care/
http://money.usnews.com/money/blogs/the-smarter-mutual-fund-investor/2015/03/19/is-your-financial-advisor-a-fiduciary

DOL Fiduciary Standard Rule

  • Financial professionals providing advice to retirement plans or IRA account holders under the Employee Retirement Income Security Act (ERISA) will now be held to the fiduciary standard. Actions that require the fiduciary standard of care going forward include:
    • Recommendation of investment allocation to a plan sponsor
    • Advice regarding a specific investment option to a plan participant
    • Any recommendation of IRA product options – including a rollover from a qualified plan to an IRA
    • Referrals to an advisor or advisory service
  • Planners, wealth managers, advisors and professionals delivering advice must adhere to the fiduciary standard and disclose any conflict or potential conflict of interest to plan participants. Failure can expose professionals and employers to lawsuits and ERISA penalties.
  • Phased in over time – the rule is applicable to ERISA retirement plans and IRAs beginning in April 2017.

Additional information here:

https://blogs.cfainstitute.org/marketintegrity/2016/04/07/dol-fiduciary-rule-though-complex-it-moves-investment-advice-model-in-right-direction/
https://www.dol.gov/ebsa/newsroom/fsconflictsofinterest.html
http://www.employeebenefitadviser.com/news/dol-fiduciary-ruling-may-have-more-significant-impact-than-advisers-initially-thought-study-finds

We will continue to monitor developments from the DOL and possible changes to the industry landscape.

** The information provided should not be interpreted as a recommendation, no aspects of your individual financial situation were considered. Always consult a financial professional before implementing any strategies derived from the information above.

The luxury of always being “connected” comes with the unfortunate risk of being compromised. To best serve our clients, the Weatherly crew has an established compliance culture that keeps all team members fully trained and abreast of the latest in regulations and information security.   Weatherly’s Identity Theft Prevention, Business Continuity, Information Security and Privacy Policy Programs aim to proactively protect our business and our clients against:

  • Fraudulent wire, trading, account set-up, electronic fund transfer, and email requests
  • Theft of identity, passwords & log-in credentials
  • Malware, phishing, social engineering

Some of the measures Weatherly employs to safeguard data include:

  • Identity verification via copies of clients’ driver’s licenses
  • Firewalled network security with 24/7 monitoring
  • Email and email attachment encryption
  • User authentication in addition to passwords
  • Verbal confirmation of certain trade & account requests
  • Offering guidance to clients on a number of different protection and data breach issues

Some simple things you can do right now to protect yourself from unnecessary extra holiday stress are outlined below, as well as a few resources & articles that provide more detail.

  • Create ROBUST passwords on all devices and shared documents; change your passwords often
  • Consider a password management application
  • Employ “find my device” functionality
  • Update your operating system, browser, anti-virus and other critical software
  • Secure your home & business networks; use public wi-fi with discretion for certain activities
  • Review your social media privacy settings
  • Sign up for text alerts of account activity
  • Report lost or stolen items immediately
  • Teach your friends… remember, you can control your online activity, but not that of the sender
  • Verify certain activities by an outbound phone call (vs. email or inbound phone verification requests)
  • Minimize secure information provided to third parties
  • Only open links & attachments from trusted senders

The links below offer further guidance on the topic.

** The information provided should not be interpreted as a recommendation, no aspects of your individual financial situation were considered. Always consult a financial professional before implementing any strategies derived from the information above.

Ready to work together?

Schedule a Consultation