How does Ironwall keep my information secure?

Security is paramount to our process and we are part of one of the largest security firms.

We employ numerous techniques to safeguard the information we gather, starting from the moment we request that information.

Our procedures and safeguards include:

1. We start by collecting as little information as possible. We don’t collect your social security, full birthdate, ID, credit card or other information into our search portal. By collecting less information, we are less of a target for hackers to begin with.
   
   
2. We limit who has access to your information. Our automated system flags issues and provides a summary report of issues to a human reviewer, minimizing the need for them to actively access your information. The human reviewer can only access the accounts assigned to him/her for review and all access attempts are logged in the system for auditing purposes to flag suspicious, after-hours, or unauthorized attempts at viewing information.
   
   
3. We follow advanced security protocols like SOC 2. We lock down our computers, work through secure and encrypted VPNs, and limit what IP addresses can access your information. All IP addresses and login attempts are recorded and monitored.
   
   
4. Clients can view their information, and that of their families, but multiple failed attempts at logging in, or trying to log in to another officer’s account from the same IP address, triggers a security alert.
   
   
5. Security access patterns are analyzed regularly to spot issues.
   
   
6. We have proprietary intruder detection protocols that we do not advertise, but which alert us of intrusions. The goal of our architecture is not only to avoid intrusion but also to delay and segregate so that intrusions can be detected and stopped. Breaching one level of security only gains access to small amounts of information (or even to just one individual’s portal view). System-wide reviews from outside IPs are not allowed.
   
   
7. We do not barter, sell, trade, or otherwise provide your information to any outside source. Your information belongs to you. At any point, you can ask us to delete your information and close your account. If you deactivate your account, we will keep it dormant for 90 days. After 90 days, we will delete your information.
   
   
8. We have additional, advanced security protocols that we can discuss with your IT department upon request.