FISC Security
Security Program
Physical Security
- Badge access to locked facilities.
- Controlled access to all areas where confidential information is stored.
- 24/7 fire and burglar alarm monitoring.
- Camera surveillance throughout the operations facility.
- Visitor sign-in, temporary badge, and escort while on site.
Data Security
- Logical application and data access controls.
- Regular and frequent penetration tests.
- Information security program review by a third party.
- Firewalls and IDS/IPS systems for intrusion detection and prevention.
- Encrypted email exchange.
- Real-time virus and malware scanning.
- Ongoing patch and vulnerability management.
- Data transmissions through encrypted channels.
- 24-hour on-call access to IT personnel.
Cash Handling Security
- All mail is opened within view of the surveillance cameras.
- Dual access and sign-off controls.
- Leading-edge "smart safe" to securely and accurately handle cash transactions.
- The smart safe is the same type of currency counter used in the cash processing centers of banks and armored carriers.
- The smart safe verifies the currency, checks for counterfeits, and automatically tracks the cash deposit.
Gramm-Leach-Bliley Act (GLBA) Privacy Compliance
- Criminal background and consumer credit checks on all employees.
- Signed confidentiality agreements with all employees.
- Clean desk policies.
- Mandatory annual security training for all employees.
- Comprehensive GLBA Risk Assessment.
- Multi-factor authentication of non-public client information.
- Third-party confidentiality agreements.
- Vendor review and management.
Compliance Programs
- Extensive internal audit program.
- Annual SSAE 16 (SOC 1) audits, formerly SAS 70 Type II audits.
- Regulatory examinations by the FDIC and other governmental agencies.
Business Continuity Planning
- Comprehensive contingency plan for all operational departments.
- Annual testing program.
- Regularly scheduled data replication to the recovery site.
Disaster Recovery Site
- Data replication.
- Internet services including web, email, and FTP hosting.
- Remote access and other computer services.
