Privacy and Security: Keeping Your Account Safe

Account Protection and Security

We protect your information and your clients’ assets with proven technology, processes, and insurance. Keeping your clients’ account information secure is critical and should be viewed as one of your primary responsibilities to your clients. Below are a few of the precautions we take to assist, and some of the procedures you and your clients should know about.

Privacy Policy

We value your privacy and safeguard your personal information. We will never share it with anyone you have not authorized us to share it with. We may share aggregate data with others but personally identifying information is never provided without your permission. See our Privacy Policy.

FDIC Insurance

Cash deposits are insured by the Federal Deposit Insurance Corporation (FDIC), an independent agency created by the U.S. Congress in 1933 to help maintain public confidence in the nation’s financial system. One of its primary duties is to insure deposits in banks and thrift institutions. If you would like more information about FDIC insurance, please visit www.fdic.gov or call the FDIC Consumer Hotline at 1-877-ASK-FDIC (1-877-275-3342).

SIPC and Supplemental Insurance

Folio Investments, Inc. is a member of the Securities Investor Protection Corporation (SIPC). A brochure explaining the coverage provided by SIPC is available on SIPC’s website at www.sipc.org. In addition to SIPC coverage, we have purchased from underwriters at Lloyds of London supplemental customer securities insurance. Together those coverages provide a total aggregate limit of $50 million limited to a combined return of $10 million to any single customer. Neither SIPC nor the supplemental insurance coverage protect against losses resulting from a decline in the market value of securities.

For more information on SIPC and FDIC Coverage, please see our custodial brochure.

Website Protection

Customer Access to Account Information

You will create a unique username for your clients so they can log into our client website. Your client will set their own password, which they can change at any time.

When your clients contact us by phone, our customer service representatives will always ask for account verification information. Our customer service representatives will never ask you for your account password under any circumstances.

Session Time-Out

Clients are automatically logged out of their accounts after 30 minutes of inactivity. This helps protects them from the potential threat of others accessing their account through an unattended computer. Nevertheless, you should advise your clients never to leave a computer unattended with their account in a logged in state.

Account Lock-Out

In the event that your password is locked, you will be required to contact Customer Service at 1-888-485-3456.

Encryption

We utilize Secure Sockets Layer (SSL) encryption for all browser access to our web platform services to ensure that any data entered into our website is encrypted to and from the browser being used. Depending on the browser, you can verify that SSL is enabled by clicking on the small company logo to the left of the URL, the padlock, or the key icons in the address bar. This action should display a digital certificate that verifies encryption and confirms the identity of the website. Check the certificate to ensure the web address matches the address on the certificate, the certificate is signed by a trusted certificate authority, and the date is current. Do not log into an account from any website if you’re unable to verify any of these items.

Protect Your Clients’ Passwords

Passwords are the keys to your clients’ accounts, and they should be changed frequently. Don’t share passwords with others or store them as a file on your computer. Avoid using public computers, like those in cafes, libraries, hotels, etc. to access accounts. They may contain keystroke monitoring software that Internet thieves can use to steal users names and passwords.

Password Protection Tips:

  • Use a combination of numbers, symbols and letters
  • Avoid the obvious, like a child’s name or spouse’s birthday
  • Use different passwords for each financial account
  • If you call us, we will never ask for a client password under any circumstances

Security Software

Be sure to keep your anti-virus and anti-spyware software up to date. There are many free and low cost solutions on the market.

Logout

When you are done viewing yours or your clients’ accounts, remember to log-out and close your browser. Failing to do so exposes you and your clients to online fraud.

Browser Compatibility Requirements

Our website and platform are compatible with the following web browsers:

  • Internet Explorer
  • Google Chrome (PC, Mac, Linux)
  • Mozilla Firefox (PC, Mac, Linux)
  • Apple Safari (PC, Mac)
  • Opera (PC, Mac)

We encourage use of the most current versions of web browsers for optimal browsing. If you have trouble using our website and you are not using one of these browsers, we suggest you try using one from the list above. All of these browsers can be downloaded for free and will deliver an optimal web browsing experience.

E-Mail Safety

We follow e-mail security guidelines designed to avoid e-mail fraud, and there are also simple precautions you can take to protect your clients. Internet fraud is often committed via e-mail, so be careful when communicating information electronically. We cannot stress how important it is to not send email with confidential account information.

Phishing

Internet phishing scams ask you to verify sensitive customer information through e-mail or through fake websites made to look like your financial institution. To protect yourself against these scams, never reply to any e-mail purporting to be from us asking for personal account information, and never log-in to our website by following the link in an email as the link in an email may be taking you to a spoofed site. We will not include a link to log in to our site from any email that we send. In addition, you can view a website’s digital certificate to verify its identity. To do so, click on the small company logo to the left of the URL, the padlock, or the key icons in the address bar. This action should display a digital certificate that confirms encryption and provides the identity of the website. Check the certificate to ensure the web address matches the address on the certificate, the certificate is signed by a trusted certificate authority, and the date is current. Do not log into an account from any website if you’re unable to verify any of these items.

What to do if You Suspect Internet Fraud?

Contact us immediately to report suspicious account activity or e-mail correspondence and consider alerting the Federal Trade Commission at spam@uce.gov and your local police authority.