Security at Avid Wealth Partners
As a financial services company, we take Information Security very seriously!
Information Security Program
We have a Written Information Security (WISP) aligned to industry standards and continuously evaluate ways to improve our security posture. Our WISP as well as other policies and procedures are shared with all employees.
Internal Security Measures
We perform background checks on all new employees in accordance with local laws. The background check includes employment verification and criminal checks for US employees.
Identity and Access Management
All our employees have a unique login with access based on a least privilege model.
Our laptops, desktops, and servers are managed, have encrypted hard drives and are monitored with Endpoint Detection and Response (EDR) and Artificial Intelligence (AI) based antivirus where possible.
We use both encryption in transit and encryption at rest to protect PII and non-public data from unauthorized access. All communications between users are encrypted in transit using Transport Layer Security (TLS). All database and database backups are encrypted at rest.
Access to Data
Access to client data is limited to authorized individuals who require it for their job. There is no corporate resources or additional privileges from being on our network. We run on a zero-trust corporate network.
We enforce password complexity standards, leverage Multi-Factor Authentication where possible and employ a host of other best practices related to password management.
Our office is secured by keycard access doors. Entrances and exits are observed and captured by cameras and are monitored and protected.
Our internal network has various defense in depth measure and practices the principle of zero trust via Secure Gateways.
All our employees receive security awareness training upon hire and continues throughout the year.
Bi-annual cybersecurity assessments conducted by a vetted independent 3rd party industry expert.
Proactive Security Monitoring
Ongoing cybersecurity monitoring provided by 7Tech.
Avid Wealth Partners maintains DataBreach SM Network And Information Security And Media Injury Liability coverage.
We have an in-depth Security Incident Response Plan (S-IRP) for handling security events which includes identification, containment, eradication, and recovery efforts.
If you believe you have discovered a vulnerability within Avid Wealth’s SaaS service, please submit a report to us by emailing email@example.com.
If you believe your account has been compromised, please report it to firstname.lastname@example.org.
Below are some best practices we wish to pass along for your consideration.
Create a complex password for your account that is at least 12 in length. It should consist of upper case, lower case, numbers, and special characters.
Utilize Multi-Factor Authentication where possible.
Never share sensitive information with third parties.
Avid Wealth will never reach out to you for your password.
Microsoft or Apple will never reach out to you directly and need to gain access to your device. Never grant someone remote access into your machine without verifying who they are.
Review your login activity on a frequent basis to ensure your account is not compromised.