At a recent regional member and broker meeting, a member asked about the security of our website, which houses online policy and claims data, so I thought I would share the following from our Chief Information Officer, Gene Blauvelt:
“Our number-one priority is the protection of member information. Once a year, AEGIS employs the services of external security experts to review the website and to conduct penetration testing. Any recommendations provided by the experts are then vetted and applied. Industry-standard best practices are used when securing access and providing information through the AEGIS website. All content, both public and private, is transmitted through HTTPS and uses an extended validation certificate with a green status bar to let our users know they are communicating with AEGIS securely. We also require the use of strong passwords for all users when logging in to the secure section of our website. Access to our system is controlled through an internal approval process that validates each user’s relationship and appropriate roles are assigned and confirmed before access is granted. We continually monitor our systems for new vulnerabilities and apply appropriate changes and monitoring tools to keep our systems secure from potential threats. As an additional level of security, we ask that you please notify us immediately when a person leaves your organization so we can disable their access to our systems. Please send an email to firstname.lastname@example.org or contact your AEGIS underwriter. No security scheme is foolproof, and we will continue to enhance our system as the risk and defenses evolve.”
I hope this helps. If you have any questions or would like our Information Technology Division to go into more detail, please contact Gene Blauvelt by e-mail or by phone at 201.508.2713.