Security Statement


At Elysian Insight, we're dedicated to protecting your privacy and handling your information in a secure and confidential manner. We know that trust and confidence in the companies with which you do business is important. We value the trust you place in us to protect your information.

The Internet, by its very nature and design, is an open system that does not automatically provide a secure means of sending and receiving information. For example the confidentiality of personal information you disclose via email cannot be guaranteed. Therefore, we recommend against sending any personal information to us by email.

To protect information used in Internet transactions and stored in Elysian Insight databases, Elysian Insight uses the following information security techniques and procedures:

Authentication
Users require a unique user account and password. Our policy states user accounts must not be shared, and we enforce strong password construction. To provide further protection, sessions are automatically logged out after 30 minutes of inactivity.

Encrypted Transmission
All data input during a user's session is encrypted during transmission. Information between your computer and the Elysian Insight site is exchanged via Secure Socket Layer (SSL) that uses 128-bit encryption. To verify your session is secure, look for https: instead of http: in the URL address line, and a secure symbol (for example, closed padlock or key) on the status bar of your browser located on the lower part of the screen.

Strong Internet Connection and Server Management
Information requests must pass through multiple hardware and software security firewalls. Firewalls can be thought of as a selective barrier that permits only specific types of traffic (transactions) through to our systems. We maintain current patches and anti-virus definitions. The servers in which Elysian Insight stores personally identifiable information are kept in a secure environment.

Monitoring
We monitor for security events with Intrusion Detection, and respond appropriately.

Forensic IP Tracking
Elysian Insight employs what we call forensic IP tracking. This means that the originating IP address and time are recorded for all logins and page modifications.

Limited Employee Access
Access to user and account holder information is restricted within Elysian Insight's offices. Only Elysian Insight employees who need the information to perform a specific job (for example customer service representatives) are granted access to personally identifiable information. All Elysian Insight employees are kept up to date on our security and privacy practices. When new policies are implemented, Elysian Insight employees are notified and reminded of the importance the company places on customer privacy.

Annual Auditing
Our audit plan includes an annual review of our control measures.

How You Can Help
While we at Elysian Insight continue to provide security controls to protect information about you, we believe it is extremely important for you to share in the responsibility for security. The following are some ways you can protect yourself and your accounts:

Never share your password with anyone. Remember, an Elysian Insight representative will never ask you for your password.

Change your password on a regular basis. If you think your password has been compromised, change it and contact us immediately.

Consider using a personal firewall to prevent hackers from invading your personal computer, especially if you are using DSL or a cable modem to access the Internet.

Install virus protection software and scan all downloaded software, as well as all diskettes, before use. Also, delete emails with attachments from unknown sources.

Be careful of links contained in email messages, as it is a common tactic for hackers to duplicate a website and send an email to unsuspecting users asking them to click and update their information, information which would then go to them. Email from Elysian Insight only contains links when it is necessary for you to reactivate your account based on an action you've taken or when you request an action to change a password you've forgotten.

Always log out when you are finished with your transactions to exit the application and prevent further access to your account.