5 minutes with Doris Tidd


With online security measures becoming more front-of-mind than ever before, we sit down with HESTA’s General Manager – Information Security Doris Tidd to find out what HESTA is doing to safeguard members’ online information, and what members can do to help protect themselves.


1. Tell us about your role at HESTA.

My role oversees HESTA’s information, cyber, and data security. My team manages security policies to protect critical data and manage information security risks, ensuring they are aligned with our business objectives and maintain the trust of our people, partners, and members.


2. Globally, the world has seen heightened online security risks. How has the Australian superannuation industry been impacted and what is HESTA doing to protect members’ money?

The super ecosystem is complex, relying on a range of stakeholders including members, employers, advisers, payroll providers, gateway providers, administrators, custodians, investment managers, regulators and super funds to all work together to deliver the member experience. Because of the interconnected nature of our super ecosystem, we depend on each other to protect the super savings of all Australians. Given the rapidly evolving cyber landscape, we must all work together now to ensure that our services continue to safeguard the super savings entrusted to us by retired and working Australians.

At HESTA, we take the protection of our members personal and financial information very seriously. We have rigorous security measures in place to protect our members, their details and accounts. Your data, along with your super, is one of the most precious assets you own. Your security is our priority, and we work hard to protect your information. Access to your personal information at HESTA is limited to you and the people who manage your account and provide the information, products and services attached to it, as well as government or other entities as required by law. We collect only the personal information we need to manage your super. We also apply extra checks on key transactions to verify it’s you. To learn more about how we collect and use your personal information see our HESTA for Mercy Privacy Policy.



3. What is your top tip for members to protect their accounts?

You play a key role in keeping your online account information safe and secure. You can activate and help protect your online account by setting up two layers of security for extra peace of mind. Two-factor authentication is an effective way to protect your valuable information and accounts against unauthorised access.

  • To set up two-factor authentication; log in to your online account (if you haven’t done so already, it’s important to register for an online account so you can check in with your super regularly).
  • Once logged in to your online account, navigate to Personal details from your profile located in the top right of the home dashboard.
  • Here you can add two-factor authentication in the Preferences tab.
  • Once you’re set up with two-factor authentication for your online account, we’ll send a verification code to your mobile each time you log in.


It’s important to always remain vigilant to protect your personal information. Here are some things you can do:

  • Remain alert for phishing scammers on email or SMS — verify the sender’s details. Learn more about keeping your super safe.
  • Be careful with links and attachments — don’t click on or respond to suspicious links in emails or SMS, or open attachments from unsolicited contacts. You can learn more about how to protect yourself from suspicious emails at the Australian Cyber Security Centre
  • Update and backup your devices, turn on multi-factor authentication, and set secure passphrases.
  • Don’t share your personal, super, banking or credit card information (like your PIN or password) with people you don’t know or trust.
  • Report cybercrime to ReportCyber and scams to Scamwatch and contact IDCARE if you’ve experienced identity theft.
  • To learn more about the basics of how to keep yourself secure, check out these steps from the Australian Cyber Security Centre.


4. Looking into the future, what trends do you notice with how people will interact with their super accounts?

I think people will interact more frequently with their super accounts and proactively work to understand how to improve their financial wellbeing and build a better financial future. People will take a more active interest in managing their fund to boost retirement savings, including more commonly making voluntary super contributions. A lot of people today don’t think about their super fund until it’s time to get ready for retirement, but I think in the future, people will plan for their retirement at an earlier stage, considering their super fund as another bank account.


you might also like

Don't have an online account yet?

It's quick and easy to set up.