Security at Avid Wealth Partners
As a financial services company, we take Information Security very seriously!
01
Information Security Program
We have a Written Information Security (WISP) aligned to industry standards and continuously evaluate ways to improve our security posture. Our WISP as well as other policies and procedures are shared with all employees.
​
Legal
02
Internal Security Measures
Personnel Security
We perform background checks on all new employees in accordance with local laws. The background check includes employment verification and criminal checks for US employees.
​
Identity and Access Management
All our employees have a unique login with access based on a least privilege model.
​
Encryption
Our laptops, desktops, and servers are managed, have encrypted hard drives and are monitored with Endpoint Detection and Response (EDR) and Artificial Intelligence (AI) based antivirus where possible.
​
We use both encryption in transit and encryption at rest to protect PII and non-public data from unauthorized access. All communications between users are encrypted in transit using Transport Layer Security (TLS). All database and database backups are encrypted at rest.
​
Access to Data
Access to client data is limited to authorized individuals who require it for their job. There is no corporate resources or additional privileges from being on our network. We run on a zero-trust corporate network.
​
Passwords
We enforce password complexity standards, leverage Multi-Factor Authentication where possible and employ a host of other best practices related to password management.​
​
Physical Security
Our office is secured by keycard access doors. Entrances and exits are observed and captured by cameras and are monitored and protected.
​
Network Security
Our internal network has various defense in depth measure and practices the principle of zero trust via Secure Gateways.
​
Security Awareness
All our employees receive security awareness training upon hire and continues throughout the year.
​
Independent Assessments
Bi-annual cybersecurity assessments conducted by a vetted independent 3rd party industry expert.
Proactive Security Monitoring
Ongoing cybersecurity monitoring provided by 7Tech.
Cyber Insurance
Avid Wealth Partners maintains DataBreach SM Network And Information Security And Media Injury Liability coverage.
​
Incident Response
We have an in-depth Security Incident Response Plan (S-IRP) for handling security events which includes identification, containment, eradication, and recovery efforts.
​
Responsible Disclosure
If you believe you have discovered a vulnerability within Avid Wealth’s SaaS service, please submit a report to us by emailing incidentresponse@avidwp.com.
​
If you believe your account has been compromised, please report it to incidentresponse@avidwp.com.
03
Best Practices
Below are some best practices we wish to pass along for your consideration.
​
-
Create a complex password for your account that is at least 12 in length. It should consist of upper case, lower case, numbers, and special characters.
-
Utilize Multi-Factor Authentication where possible.
-
Never share sensitive information with third parties.
-
Avid Wealth will never reach out to you for your password.
-
Microsoft or Apple will never reach out to you directly and need to gain access to your device. Never grant someone remote access into your machine without verifying who they are.
-
Review your login activity on a frequent basis to ensure your account is not compromised.
04
Contact
If you have any additional questions regarding Avid Wealth's security measures, please email us at info@avidwp.com.