How Secure is my Information at
site uses state-of-the-art digital encryption and security technologies
to protect the privacy and security of our member information and has specific
security measures in place to protect the loss, misuse and alteration of
the information under our control.
All data passing from your computer to
is authenticated and encrypted using 128-bit Secure Socket Layer (SSL) encryption
using technologies provided by GeoTrust, Inc.. This is the most advanced
level of encryption available today, and it means that any information sent
from your computer is scrambled in a way which makes it completely unintelligible
if intercepted. When you are on a secure section within the web
site (i.e. after you have logged in as a member), a padlock will appear on your web browser. This is your assurance that
the encryption is in place and that you are communicating across a secure
link. To verify the validity of our web site's SSL encryption certificate,
click on the GeoTrust graphic which appears on every one of our secure pages.
We do not store any of your credit card information.
All credit card transactions are processed through a third party secure
gateway, and the information your provide is only used for making the current
transaction. No information about your or about your credit card is
ever stored on our web site, in our databases, on our web servers, or on
the secure gateway server.
All sensitive personal information is stored in a
highly encrypted format on our server. We use an industry standard
high security streaming-encryption algorithm known as "RSA" to encrypt all
sensitive personal information before it is stored online. RSA is a public-key
cryptosystem developed by MIT professors Ronald Rivest, Adi Shamir and Leonard
Adleman. (To give you a feeling for the level of security provided by this
encryption, it has been estimated that with the most efficient algorithms
known to date, it would take a computer operating at 1 million instructions
per second over 300 quintillion years to break the encryption.) Also,
the encryption method used ensures that the only way possible to access
and view the sensitive personal information stored here by a
member is by using a private internal encryption key which is unique for
every member. Our software algorithms ensure that the encryption and
decryption of a member's sensitive personal information can only be performed
by the member themselves, or by those designates to which the member has
provided a separate unique key known as a "Keyholder® ID". It is not
even possible for the operators of this web site to decrypt a member's sensitive
personal information without knowledge of this encryption key.
Note that some services require temporary decryption of a member's documents
as part of the operation of providing that service.
For example, if the member wants to have their Will reviewed by one of our legal
professionals, or wants to have their documents printed and mailed to them, then
the software will automatically decrypt these documents as part of the member's
instructions to have these services performed.
As an additional security measure, all successful
and unsuccessful attempts to login to a member's account are logged
in our database along with date/time stamps, IP addresses, and other detectable
information from the user. This information will be used for law enforcement
purposes and for the protection of our members should there be any suspicion
of unauthorized access to our database.
Furthermore, we offer members the option of receiving
an email alert message whenever their sensitive personal information is
accessed, or attempted to be accessed, using a valid key. If unauthorized
access is suspected, clicking a link within the email will immediately disable
access to the member's sensitive personal information for that key, until
the member re-enables the access themselves, or until we are contacted by
the member and provided with specific information validating their identity.
To protect against catastrophic data loss, daily backups
are performed on each of our servers to separate locations in Canada
and the U.S. Hence, if any one of our servers experienced technical difficulties,
our member data would not be at risk.
We also employ a number of physical security mechanisms
to ensure the physical protect of your information. Physical protection
of our systems includes:
Fire detection and fire suppression systems with
dry pipe pre-action sprinkler systems
N + 1 redundant power supplies, providing dual power
feeds and backup batteries, water coolant systems and generators
N + 1 redundant climate control, providing primary
and backup chiller units, cooling towers, and water storage
Local network operations center (NOC) for monitoring
all data center operations
24x7 monitoring and support of network connection
and server availability
24x7 uniformed guard service with interior and exterior
closed-circuit television surveillance
Electronic access at all data center entrances, including
biometric hand scanners
Electronic key management systems and individually
As you can tell by reading the above, we take the
security and privacy of all of our member information very seriously.