We understand that the security of your information is important to you. We also understand that our continued success relies on our ability to communicate with you in a secure manner.
We adhere to the highest standards of decency, fairness and integrity in our operations. On the Internet, we take a number of measures to authenticate your identity when you access our site. We also take steps to protect your information as it traverses the Internet to and from you. We take steps to make sure all information is as secure as possible against unauthorized access and use. We also review our security measures periodically. Despite our best efforts, and the best efforts of other firms, "perfect security" does not exist on the Internet, or anywhere else.
We use different pieces of information, collectively known as access codes, to properly identify and authenticate you before allowing you secure access to our site.
When registering on the site, you will create a User ID.� Once you have a UserID, we will randomly generate the final piece of information you will need to access the site, your initial password. We will email your password to you via the email account setup on your user profile.� For security reasons, we will not include the login address in this same email.� We encourage you to change your initial password upon login to the site.
For further security, we store your UserID and password on in encrypted fields on a database that is isolated from the Internet.
Data Traversing the Internet
Our site uses the highest levels of Internet security. We require the use of a secure browser and use its features such as data encryption, Secure Sockets Layer (SSL) protocol, user names and passwords, and other tools. The system encrypts the login information and personal information that flows back and forth between you and us.
Encryption is the process of scrambling the information so that it can only be reassembled by the intended recipient- someone recording the communication will not be able to decipher the information. We use 128 bits for this encryption- the standard for our industry and the financial industry- making it virtually impossible for anyone else to read it. You can tell when you are on a secure page by looking at the URL (location or address field in the browser). If it begins with "https://" rather than "http://" the page is secure.
We do not include personal or account information in non-secure emails that we send to you over the Internet, with the exception of the password emailed upon initial registration. We encourage you to change your password immediately upon logging into the site.� To respond to you regarding personal matters, we may send you an unencrypted email inviting you back to our site to see our response. While this is not convenient, it is to protect your confidential information.
You can tell whether you are truly connected to us by viewing our digital certificate. The certificate verifies the connection between our public key and our server's identification. Cryptography using digital signatures ensures you can trust the information within the certification. Your browser looks at it and trusts it. It is similar to your local highway traffic law enforcement department; the people there trust the information on your driver's license, should you be lucky enough for them to request to see it.
Logout and our Timeout Feature
We make use of a secure login and advise you to log out of our site as soon as you are finished with your access.
We also use a timeout feature to protect you further. After an extended period of inactivity at our site, we will log you out automatically.
Data Within our Walls
The personal information our site collects is stored in secure operating environments that are not available to the public. We employ mechanisms to protect data within our walls. One such mechanism is a firewall that protects our computer systems and your information. Firewalls are selective barriers that block access and allow only authorized traffic through.
We also use system and application logs to track all access. We review these logs periodically and investigate any anomalies or discrepancies.
Within our organization, we base access to information on the sensitivity of the information, and our employee's need-to-know. We authorize employees and representatives to use available information for authorized business purposes only. Each employee receives a code of conduct that details our requirement for our employees when using this information. Disregard of these requirements may result in disciplinary action up to and including termination.
Our Security Recommendations for You
To maintain a high level of security, we recommend that you follow the following practices: