How we protect your account
We are committed to account security. Our robust security program and infrastructure includes a team of cybersecurity and risk management professionals to help monitor and protect your personal information 24/7.
We review each report of unauthorized access thoroughly, file appropriate notices with law enforcement agencies and, in the event of a financial loss, we assess the facts and circumstances for potential reimbursement to your account. Additionally, we use a variety of controls to detect and prevent unauthorized access to our network and sensitive information. Our cybersecurity response program fulfills the requirements of federal and state laws and includes appropriate notifications to investors and advisors when warranted.
As part of our security system, we:
- Regularly refine and update security features. We review industry security standards and perform system testing to ensure we’re using the most up-to-date techniques and technologies.
- Actively monitor threats. We communicate with financial industry security groups and government agencies to monitor the threat landscape.
- Educate employees. Our associates receive ongoing security training, such as how to handle sensitive data.
- Challenge unrecognized devices. We’ll send you a one-time password to verify your identity before you can access your account. We may send the passcode if you’ve deleted cookies or cleared the cache on your device, logged in from a different device (phone vs. iPad vs. desktop) or different IP address (home vs. public Wi-Fi).
- Display last login information. The date and time of your last account login is visible to you.
- Mask confidential information. You’ll see symbols in login fields and in place of your Social Security number.
- Enforce website timeouts. Your online session will automatically time out after 20 minutes of inactivity.
- Use encryption to secure your data. We use industry-standard security protocols to create a secure online environment. Check to see if there is a “lock” icon next to the URL address bar and whether the URL starts with “https:” instead of “http,” which indicates that the browser window is secure.