At ICLUBcentral, we understand that protecting your data is a priority. Here’s a summary of just a few of our company’s data security practices and how we work to keep your private information private and protected.
From the time you arrive at any of our websites, the servers use a secure connection utilizing industry-standard TLS 1.2 encryption. This means that your username and password, as well as all of the information that shows up on your screen, are encrypted as they move between our servers and your personal computer or mobile device. For clubs that use our BrokerSync™ feature on myICLUB.com to download transactions from a brokerage website, the same level of encryption applies. All account numbers, passwords, and transactions that are delivered to the myICLUB.com website are encrypted while en route from a brokerage website. Note that we do not store any brokerage login information on our servers; this information must be entered each time the treasurer downloads brokerage transactions.
All of our servers are maintained off-site in a secure SSAE 18-compliant tier-3 colocation facility. This enterprise-level data center is independently audited annually to ensure that its data controls related to security, availability, processing integrity, confidentiality, and privacy all meet or exceed the SSAE 18 Audit Standards, and its processes, internal controls, and procedures align with the policies set up by the American Institute of Certified Public Accountants (AICPA).
Our high-security colocation facility provides 24/7 physical security, inert gas fire suppression protection, backup battery and independent off-grid power generation, ensuring superior facility, power, and network uptime. All physical security controls at the facility comply with PCI-DSS v 2.0, HIPAA/HITECH, and SOC2 standards and include dual authentication with individually-issued keycards and biometrics for authorized employees.
Our servers utilize RAID (Redundant Array of Independent Disks), writing all transactions to the database simultaneously to multiple hard drives in the colocation facility. In the case of catastrophic hardware failure, we are able to restore customer data quickly. Additional regular external backups to on-premises and off-site locations provide another layer of protection.
Our servers are protected from unauthorized access via a secure firewall system. All data entering or leaving the server network pass through our firewall, which examines each message and blocks those that do not meet the specified security criteria. Our firewalls and servers are updated regularly with security patches and updates as released by the vendor. User credentials for accessing those systems are protected using strong one-way hashing algorithms.
We store no credit card information on our servers other than the last four digits of a payment card used to purchase a product or subscription. Transactions are processed immediately by an external credit card processor using industry-grade encryption.
All critical data, including Employer Identification Numbers (EINs), Social Security Numbers (SSNs), and financial account numbers, is stored in our databases in an encrypted format. Users have the choice to not save Social Security Numbers on their investment club’s myICLUB.com website if they prefer. Tax forms generated through our Club Tax Printer module (which may include Social Security Numbers) are not saved as files on our server, but are re-generated from the database each time they are accessed on myICLUB.com.
The myICLUB.com website supports two-factor (two-step) authentication (2FA) for end users, which can limit attempts at unauthorized access to a club’s website. Using 2-step authentication improves the security of your account by requiring that a one-time verification code be emailed to a user each time he or she attempts to log in to the myICLUB.com website. At a minimum, we recommend that all club treasurers and administrators use 2-step authentication.