Investrade takes cyber security seriously by implementing a secure environment, taking steps to protect customer assets, and protecting employees and our customers’ personally identifiable information. In order to protect against potential cyber-terrorism and hackers who target financial firms, Investrade has created policies and procedures that pertain to ensuring cyber security, prevention of identity theft, and general security preparedness. Additionally, Investrade regularly performs audits and testing of our web servers to ensure and certify that the servers processing sensitive customer information are not susceptible to security exploits.
This site has security measures in place to protect the loss, misuse and alteration of the information under our control. The Trading Area uses SSL (Secure Socket Layer) technology to provide a secure environment for all transactions. If you do not have an up-to-date browser that supports SSL, you should upgrade today. We restrict access to information about you to those employees and authorized agents who need to know that information in order to provide products or services to you. We maintain physical, electronic and procedural safeguards to maintain the confidentiality of your information.
How Investrade Protects Your Account
Your Investrade account is protected by the Securities Investor Protection Corporation.
Investrade is a division of Regal Securities, Inc., a member of the Securities Investor Protection Corporation (SIPC). Your account assets are covered by the SIPC, which protects customers of its members up to $500,000, with a limitation of $250,000 on claims for cash balances. Additionally, our clearing firm, Hilltop Securities, Inc. “HTS” has purchased Excess SIPC Insurance which covers the net equity of customers’ accounts up to an aggregate of $150 million from underwriting syndicate at Lloyd’s of London.
The customer securities component, which restricts coverage with respect of any one customer, is a maximum of $25,000,000 with the aggregate coverage of cash set at $900,000. SIPC and Excess SIPC covers accounts of the member firm in the event of a member’s bankruptcy and insolvency. Coverage does not apply to losses due to market fluctuation or any decline in market value of your securities. For additional information regarding SIPC coverage, including a brochure, please contact SIPC at (202) 371-8300 or visit www.sipc.org.
Following Are The Steps That Regal Takes To Ensure Cybersecurity Readiness
Investrade provides extra security via Two Factor Authentication when logging into your account. Two Factor Authentication is a simple tool that provides an extra layer of security by requiring two distinct forms of identification to access something. For example, using a smartphone to receive a text with a verification code or an email. This helps keep you more secure and gives you more security in your online account. Once you open an account with Investrade, you can simply go into the trading interface and set up Two Factor Authentication in the settings. You will need to bind your phone to your account before you can enable Two Factor Authentication.
Additionally, Investrade has a comprehensive Disaster Recovery/Business Continuity plan, and regularly performs testing of Disaster Recovery & Business Continuity Readiness Tasks & Incident Response Readiness Tasks.
While we take numerous steps to help protect the security of your account, there are steps that you, the customer, can take to protect your account as well. To help protect your personal identity and prevent your personal information from being disseminated to unauthorized individuals, always remember to remain vigilant by keeping your personal and financial information secure, and be aware of “Phishing” and fraudulent emails and suspicious websites.
Unsecured wireless networks pose a significant risk to computing assets and information. In general, unsecured wireless networks should be avoided and should never be used as a primary networking resource.
Additionally, the following brochures describe the critical steps you can take to safeguard your financial accounts and help prevent identity theft.
Please read “Keeping Your Account Secure – Tips for Protecting Your Financial Information” provided by the Securities Industry and Financial Marketing Association (SIFMA) and the Financial Industry Regulatory Authority (FINRA).
“Phishing” and Other Online Identity Theft Scams: Don’t Take the Bait
Though Investrade has steps to insure your accounts security, it is your responsibility to also follow steps to keep your account secure.
Change Default Passwords
On devices that are connected to your network you should always make sure you change the default password. It doesn’t matter if it’s a new security camera or a new fridge. Creating new credentials is the very first step in securing your IoT devices and protecting your privacy. Research has shown that a “passphrase” is safer than a password. What does this mean? It means 1qaz!QAZ is less secure than Mydogsliketochasethechickensaroundtheyard! which is also much easier to remember.
Automatic Patches and Updates
In today’s “set it and forget it” society, many electronic devices can take care of themselves. Quite often technology has a setting that allow for automatic updates. This is an important setting to turn on when securing IoT devices.
Set-up Multi-factor Authentication (MFA)
MFA security settings are growing in popularity. This is as simple as receiving a text or code that you need to type in while signing on to a system. Often times within the account preferences of your device, you can set up an Authentication Application. If you can’t find this option call customer service, chances are it exists somewhere.
Utilize a Password Manager
Keep usernames and passwords unique. Most password manager applications can generate a random password for you, and will allow you to store them safely.
Update Default Settings
Check to see which settings are turned on by default, especially if you don’t know what they mean. If you are unfamiliar with FTP or UPnP, chances are you are not going to use them, or even notice that they are off.
Avoid Public Wi-Fi
It may be convenient to connect to a public Wi-Fi, but think again! If the Wi-Fi network does not require a password, then anyone can listen in on your computer’s information. Some public Wi-Fi networks are deliberately set up in the hopes that people will use it so they can steal information or credentials.
Remember that just like you lock your front door to protect the valuables inside, these days you also need to lock your IoT devices to protect your information and your privacy.
It is very easy to find any information you need in today’s connected world. Have you ever Googled yourself to see what information about you is online? A search can often provide your address history, phone number, age, birthdate, employment information, public records, and social media accounts. Consider what can be done with Personally Identifiable Information (PII) from the perspective of a cyber criminal looking to commit identity theft or other crimes.
Children, teens, and senior citizens are all groups who especially may not realize how vulnerable they are to being a victim of cyber crime. Senior citizens may be more trusting of the material that is presented to them online. Children and teens are growing up with technology and may be using it to communicate with each other with only a recreational level of understanding. They may not realize that once you post online, it rarely goes away.
In order to keep information safe or private, we need to take care of sharing it and teach cyber hygiene to those who may not understand its importance. Here are examples of how we are asked to provide information, or how people share information that should be kept private:
When you sign up for a store loyalty program or other online accounts, you are asked to provide information such as name, address, phone number, birthdate, email address, etc. By providing this, you can get discounts on the merchandise they are selling or can receive promotions by email. However, is that information you provide kept private, or is it sold to other companies so they can market to you? Read the terms of use and privacy policy before signing up for such a program.
Cyber criminals will offer false and unbelievable deals to get you to click on a link and provide them with your information. You may hear about a loan offer or a notification that your order shipped and that you need to log in by clicking their link to track it. Criminals seek your information in an effort to steal your identity and use it to open up fraudulent accounts in your name. Always shop with trusted vendors, and never follow an unsolicited link in an email asking you to log in to an account. Instead, head to the website you normally use by typing it into your browser to check on your account.
Criminals may call saying they are from Microsoft or another device/software company, telling you that your software has expired or your device is infected with malware. They may ask for money to renew a license, as a method to complete the fraudulent activity. Other criminals may pose as the IRS, pressuring you into paying taxes. Never offer payment information or personal information to someone calling you unsolicited. Always end the call and attempt to contact the organization through a publicly listed phone number that is legitimate, then see if you need to work with them on a problem.
These sites provide a relaxed atmosphere where you can chat with friends and family. The issue is that anything you post or share is likely a permanent submission that many others can access online. Oversharing on social media may lead to you voluntarily giving up answers to account security questions, like the color of your car or the town where you were born. Also, posting about being on vacation sends a signal to criminals that your home may be unoccupied and a great target for a robbery! With all this information about you on social media, be sure to set your account privacy settings so only friends can view your content. Lastly, consider deleting old, unused social media accounts to cut down on your digital footprint.
Whenever communicating with people or posting online, avoid sharing too much. When receiving emails, mail or calls asking for sensitive information (birthdate, social security number, credit card, etc.), always contact them at the legitimate address or phone number you normally use for that organization. Do not share information if you do not initiate the communication!
Below are resources on protecting privacy and identity along with practices for online security. These help you to protect yourself, your children, and your elders from being victims of a crime.
Federal Trade Commission
Stay Safe Online
Protect Seniors Online
Investrade has created this privacy statement in order to demonstrate our firm commitment to customer privacy on the Internet. The following discloses our information gathering and dissemination practices for this web site: www.Investrade.com. You can look at our full Privacy Policy by clicking Here.
WHERE DOES INVESTRADE OBTAIN THE INFORMATION?
The information that we have comes directly from you. This includes such information as your name, address and Social Security number that you provided on applications, agreements or other forms. In addition, we maintain records of each of your transactions and holdings processed by us.
We also may obtain information about you, such as your credit history or other facts relating to creditworthiness, from a consumer-reporting agency.
Our site’s registration form requires users to give us contact information (like their name and e-mail address). We use customer contact information from the registration form to send the user information about our company. The customer’s contact information is also used to contact the visitor when necessary. Users may opt-out of receiving future mailings; see the choice/opt-out section below.
We use your IP address to help diagnose problems with our server, and to administer our Web site. Investrade provides investment brokerage services by means of its own internal operation and those of its clearing firm and other unaffiliated third party providers such as mutual funds and variable product sponsors. Investrade acts as an introducing broker to its clearing firm, which in turn processes the transactions and acts as the account custodian. All of the above named parties receive and maintain information about you that is related to and necessary for processing investments in your account.
CONFIDENTIALITY AND SECURITY (Restricted Access)
This site has security measures in place to protect the loss, misuse and alteration of the information under our control. The Trading Area uses SSL (Secure Socket Layer) technology to provide a secure environment for all transactions. If you do not have an up-to-date browser that supports SSL, you should upgrade today. We restrict access to information about you to those employees and authorized agents who need to know that information in order to provide products or services to you. We maintain physical, electronic and procedural safeguards to maintain the confidentiality of your information.
Investrade does not sell your nonpublic personal information. We provide information about current or former clients from the sources described above to parties outside of this firm only as described below:
To other companies as necessary to process your business. For example, we process your mutual fund and variable product transactions through product providers with whom we have dealer-selling agreements. If you have a trading account, the information that we obtained from you is given to the clearing firm for purposes of facilitating securities trading and statement preparation. These parties must limit their use of the information to the purpose for which it was provided. For account funding, Investrade uses Plaid Inc. (“Plaid”) to gather your data from financial institutions. By using the service, you grant Investrade and Plaid the right, power, and authority to act on your behalf to access and transmit your personal and financial information from your relevant financial institution. You agree to your personal and financial information being transferred, stored, and processed by Plaid in accordance with the Plaid end user privacy policy.
Where required by law or regulation. Examples include responses to a subpoena, court order or regulatory demand. As authorized by you, you may direct us, for example, to send account statements or other account information to a third party. As otherwise authorized or permitted by law. For example, the law permits us to respond to a request for information about you from a consumer-reporting agency.
This site may supplement the information that you provide when submitting an application for an account with information that is received from third parties.