The Importance of Information Security

February 14, 2018

We share a collective responsibility with agencies and producers to protect employees’ personal information. We take this very seriously, and know you do too.

Steps We Take

First, we have ensured best-in-class security of sensitive information by creating an ISO-certified Information Security Management System. Here are some of the security measures we take when working with you and your clients.  

When emailing personally identifiable information, such as Social Security numbers and dates of birth, we always use one of three methods:

  • TLS encryption. TLS, or Transport Layer Security, is an encryption method that scrambles information sent between two domains. TLS encrypts the information as it travels through the internet, but then delivers the message unencrypted to the recipient’s inbox. We have TLS accounts set up with agencies we exchange personally identifiable information with frequently. And we can set one up with you, too.
  • Secure file transfer systems. Secure file transfer systems allow you to send and receive large files securely. These services usually require a password to access the document. The Standard uses FilesAnywhere and we can share this capability with you when you send us personally identifiable information. Alternatively, if your agency has a secure file transfer account, we are happy to use your service to transfer sensitive information as well.
  • Encrypted emails. Lastly, employees of The Standard may apply an email encryption tool to an email to ensure only the intended recipient can read the message. When we send you an email encrypted by this method, you’ll receive an email that informs you that you’ve been sent a secure message. The email provides a link to read the full message.

Additionally, we ensure the security of sensitive information stored on our premises and on our servers in many ways. The Standard has an established information security team that oversees the Information Security Management System. This group is dedicated to information security risk identification, assessment and solutions.

Some example of how The Standard ensures the safety of stored personally identifiable information include:

  • The Standard uses industry-standard tools and best practices to validate the identity of information system users, including two-factor authentication for remote access to systems.
  • We encrypt all electronic data, including those on mobile devices, such as on laptops, tablets and smart phones.
  • Access to personally identifiable information is available only to employees on a need-to-know-basis — to those who need the information to perform their job. These employees undergo background checks and regular security training.

Steps You Can Take

As you add capabilities to conduct business electronically, please make sure you’re doing your part to protect personal information. Be sure to comply with applicable laws. Always conduct the necessary research to ensure you choose established, trustworthy vendors and services. You can also seek best practices from reputable resources, such as the Federal Trade Commission. And, if you are interested in setting up a TLS encryption account with The Standard, please reach out to your account manager or GSI sales rep.

Thank you for working with us to enhance client service while simultaneously protecting client information. If you have any questions, please reach out to your case manager.

For Producers Only