Keeping your personal information secure
Symetra employs sophisticated technologies and best practices to ensure that sensitive data is well protected. Here are some of the key ways that we keep your information safe.
Symetra has enacted security protocols for both employees and customers to prevent unauthorized access.
- Strong employee password standards for length, complexity and required password changes.
- Two-factor authentication requirements for privileged account access.
- Monitoring of suspicious incoming email, calls and correspondence to detect and prevent fraud.
- Constant monitoring of infrastructure, network and systems to identify and respond to potential threats.
- Need-to-know-only access restrictions for systems and customer data.
- Software vulnerabilities identified and mitigated on a regular basis.
- Cybersecurity threat drills identify strengths and opportunities for improvement.
- Standards of ethical behavior and protocols for annual refresher training. High standards of ethical behavior are set and enforced. Protocols exist for reporting violations.
- Privacy training at time of hire and annually thereafter. You can read our privacy statement here.
- Annual information security training for all associates.
- Internal and external audits to review and assess security and technology controls and business operations.
- Segregation of Duties (SOD) assessments to prevent conflicts of interest and manage risks.
- Vendor reviews to ensure compliance with industry data security standards.
- Business continuity, IT disaster, and resilience plans to address recovery from disruptions, failures or disasters. You can review our Business Continuity Statement for additional detail.
- Identity verification required before account access is granted by phone or online.
- Unique user name and passwords required for account access. Passwords must employ a mix of numbers, upper and lower case letters, and special characters.
- Customers may be prompted to answer security questions when attempting to log in from a new device.
Multiple layers of security are in place to strengthen protection of your data. Here are some of the key ways we use technology to keep information safe.
- Antivirus solutions to detect and prevent malicious code.
- Email filtering to block spam, phishing and malicious content.
- Firewalls to protect the network and systems from unauthorized access.
- Geographic IP address content filtering to block connections from known bad actors or foreign sourced locations.
- Employee device encryption to protect data in the event of loss or theft.
- Intrusion detection and data leakage systems to diminish the risk of incoming attacks.
- Restricted physical access to offices, data centers and other buildings.
- Scheduled data and system backups to ensure preservation of systems and customer information.
- Online account access is encrypted using 128-bit, two-way data encryption.
- Current web browsers with industry-accepted encryption protocols are required for account access.
- Customers are automatically logged out after a period of inactivity to secure account information.
Keeping yourself safe
Accounts and passwords
Your account information and password prove that you really are who you say you are. If this information lands in the wrong hands, someone can pretend to be you, steal your personal information, and even make fraudulent financial transactions. Follow these tips from the Department of Homeland Security to secure your accounts and passwords.
Personal technology (phones, tablets, and computers) is part of our daily lives. These devices often know where we live and work, store our banking or credit card information, and connect us with thousands of people. Have you ever wondered what would happen if “bad guys” got a hold of your device? Check out these device security pointers to put your mind at ease.
The internet makes life more convenient than ever. Unfortunately, it’s more convenient for criminals as well. Learn how to make the bad guys’ lives a little harder by using these online safety tips.
Scams and fraud
Have you ever won a lottery you didn’t enter, or been left money from a billionaire you never knew? Neither have we. But scammers might try to make you believe it’s true. Learn how to identify various scams and what you can do to protect yourself.
Reporting suspicious communication
If you receive suspicious information that appears to come from Symetra, please email us or call 1-800-796-3872.
While Symetra cannot prevent scammers from targeting consumers by phone, mail or online, we can help you determine if the communication was legitimate.
For more information about staying safe online, visit www.staysafeonline.org.
Symetra Awarded ISO 27001 Certification for Cybersecurity
Symetra has attained ISO/IEC 27001:2013 certification—a globally recognized standard mandating multiple controls for the establishment, maintenance and certification of an Information Security Management System (ISMS).
These stringent requirements ensure that an organization's data management, customer data and third-party information is secure and that best practices are established for information security.