How secure is my account data?

When it comes to the security of your account, our data center, SunGard, is securely staffed around-the-clock by certified engineers. In addition to the many layers of security, power, environmental and network redundancy at SunGard, we maintain three layers of storage for user data:

1. All of our database servers employ RAID disk drive configuration. That means a single hard drive failure cannot destroy customer data on an server.
2. We have 'hot standby' servers, which run in parallel with the production servers. Data 'syncs' from the production servers to the 'standby' servers and we can quickly fail over to the standby servers in the case that a primary server fails. (These standby servers also have RAID disc configurations.)
3. We have a third group of servers that is responsible for the very unlikely event that both the primary and standby servers fail. These backups run as a bulk copy on a scheduled basis.

All of our customer-facing systems are housed in an SSAE16 Type II facility, and physical access is only gained after passing multiple layers of access restrictions (ID, fingerprint, passcode, etc). All physical access is logged. All access over the Internet is done over SSL using High Grade encryption. Our systems are protected by firewalls, and all requests are examined to prevent SQL injection, cross-site scripting and other types of attacks. Application access to the databases is mediated by an API layer that further protects customer data. Accesses are logged to a centralized logging system, and the logs are examined in real time for unusual activity by an automated system.

The security measures we’ve implemented, while reasonable and customary to ensure the security of account login credentials and data such as names, email addresses, birthdays, etc., don’t meet the standards required by PCI, HIPPA or FERPA. You shouldn’t store Personally Identifiable Information in your account that could be used for Identity Theft such as a member's full name in combination with a Social Security number, drivers license or identification card number, financial, credit or debit card number.