ABG Security Overview
How We Keep Your Information Secure
ABG Retirement Plan Services employs advanced security features and protocols to keep your data safe, private and secure, 24/7/365. Comprehensive security protection measures include password protection, secure socket layer encryption, firewalls, intrusion detection, audits, inspections and more. You can be confident that your important information is safe and secure.
Internal User Security
- User accounts have unique usernames and passwords that must be entered each time a user logs on.
- Network dual authentication passwords automatically expire every 90 days.
- Access controls to sensitive data are limited by need-to-know basis.
Security Awareness Training
- We create a human firewall with Security Awareness Training for all staff.
- Monthly mandatory training is required. Associates are routinely tested to practice security awareness skills.
- Our staff members are trained to exercise constant vigilance to protect Client and Plan Member data and transactions.
- Next Generation Cisco Firewalls restrict outside access to the network.
- Secure VPN, 2 FA (two-factor authentication) and role based access is enforced for systems management. User data in transit is safe, secure and available only to intended recipients.
- Cisco Firepower provides Intrusion Detection, Prevention and Remediation.
- Layered security approach utilizing both Anti-Malware and Virus Protection software.
Physical Network Security
- Network connection and servers are secured in our locked, temperature regulated, Computer Data Center.
- Access to the Computer Data Center is controlled with an electronic key lock. The entrance is monitored by a security camera and only authorized users are allowed access.
- Latest security patches are applied to all operating systems, applications, and network infrastructure to mitigate exposure to vulnerabilities.
- ABG uses third-party security auditors to perform penetration testing and complete vulnerability assessments.
- Vendor relationships must confirm they provide best security practices and procedures.
Plan Member Security
- Plan Member account information can only be accessed with a secure Login ID and password. (Plan enabled image based authentication is also an option.)
- After a successful login, Plan Members will receive a courtesy email notifying him or her of the activity.
- Any transactional account activity is confirmed via email notifications to the Plan Member on file.
- Plan Member passwords expire when not accessed routinely.
ABG Retirement Plan Services, Inc has adopted this policy with recognition that protecting the privacy and security of the personal information we obtain about our clients is an important responsibility. We also know that you expect us to service your Plan in an accurate and efficient manner. To do so, we must collect and maintain certain personal information about you. We want you to know what information we collect and how we use and safeguard that information.
What Information We Collect
We collect certain nonpublic personal identifying information about your Plan Participants (such as Participants’ name, address, social security number, etc.) from information that you provide us via Plan enrollment applications, contribution files or other forms as well as communications (electronic, telephone, written or in person) with you or your authorized representative (such as your attorney, accountant, etc.). We also collect information from the Plan’s custodial platform about your Plan’s accounts and transactions (such as purchases, sales, account balances, inquiries, etc.)
What Information We Disclose
We do not disclose the nonpublic personal information we collect about our clients’ Plans to anyone except: (i) in furtherance of our business relationship with them and then only to those persons necessary to effect the transactions and provide the services that they authorize (such as authorized brokerdealers, custodians, independent managers, etc.); (ii) to persons assessing our compliance with industry standards (e.g. regulatory authorities, etc.); (iii) our attorneys, compliance consultant, accountants and auditors; or (iv) as otherwise provided by law.
Security Of Your Information
We maintain physical, electronic and procedural safeguards to protect your Plan’s nonpublic personal information.
In regards to internet and mobile-app transactions as well as website privacy, we understand how important it is to protect our on-line clients, mobile-app users, and website visitors. We do not collect personally identifiable information about individuals except when it is specifically provided on a voluntary basis. We do not share the product, information, service or assistance you have requested.
From time to time we may provide links to other websites as a convenience to you. We make no warranties concerning the privacy policies of these sites. It is recommended that you review the privacy statement of each entity before proceeding. By providing links to non-affiliated sites, we do not imply any endorsement of, or a responsibility for the products, information, or services offered at such sites.
Our policy about obtaining and disclosing information may change from time to time. We will provide you notice of any material change to this policy before we implement the change.