Our record keeping systems (Relius and Omni) are in an ASP environment with FIS – a leading global financial technology and services provider. We utilize the breadth and depth of FIS security programs (network, website, data storage and protection) in managing the environment including the participant and plan sponsor websites.
In addition, the FIS ASP environment provides segmented customer data as well as encryption in transit and rest. Multi-factor authentication is required for system access. All other tools used by the firm are maintained in the Microsoft Azure cloud, again utilizing the best security protocols and practices.
Access to participant data is restricted to those team members working on the plan. In addition, all employees go through quarterly training on security, confidentiality and understanding personally identifiable information requirements, and we have an information security policy that all our employees certify annually.
We take protecting our participants’ accounts and data very seriously. We work with our record keeping partner FIS on reviewing their periodic network penetration tests and perform quarterly reviews of our Azure cloud network security.
A few more points on security and data protection: