Securing Your Data
The security of data is of paramount importance. Retirement Management Systems uses multiple levels of security to help ensure the privacy of client’s personally identifiable information.
All Savings Plan Management platform credentials and sensitive client information are encrypted using the Advanced Encryption Standard algorithm with a 256-bit key.
The operating system platforms upon which Savings Plan Management run are designed to prevent unauthorized access. The very limited and specific applications designed to access data are tightly controlled and require a second layer of credentials to access them from within our organization. Client login credentials are located on a separate physical server from those that house other personal client data.
All communication to, from and between Savings Plan Management system components occurs over Extended Validation SSL sockets with a 2048-bit key. Extended Validation (EV) Certificates provide the best Internet Data Encryption and Identity Assurance available. This ensures that all communication including usernames and passwords exchanged between components happens on an encrypted channel. Retirement Management Systems ensures that web browsers connecting to the platform are using at least 128-bit encryption.
On the Savings Plan Management network, routers perform packet inspection and provide protection from malicious denial of service attacks. Access to the internal facing portion of the network is limited to employees only and requires complex passwords.
Physical servers are co-located in a highly secure facility with redundant electric and communication systems.
More detail is available upon request.