Security Policy
Introduction
Ser Technology has been performing data-based reporting, credit pre-screening, direct marketing, instant credit decisioning on the web, and data encryption for credit unions for the past 10 years. During that time, Ser has handled over ten thousand credit union membership files and performed over ten thousand credit pre-screens without incident. Ser takes its responsibility to protect the security and privacy of credit union members' personal data seriously and takes the following steps to protect it.

Data Retention Limitation
When a credit union's membership file is received for any of Ser's business services, the source data file is processed, verified, and then deleted from the network file server after a period of 90 days and is retained on archival media for an additional 60 days. The membership source file is then deleted entirely from Ser's online and backup media. Membership files received on magnetic media are stored in a vault for 90 days and then destroyed onsite by a bonded service provider.

Business Extranet Access Policy
Access to Ser Technology's online services is limited to credit union employees only and is secured by user ID and password. The initial password must be changed and, thereafter, the password must be changed every 90 days. When a credit union employee signs up for online access, the employee is given limited access to upload a member file via our SSL-encrypted upload procedure. Ser then performs systematic due diligence to verify the identity of the employee before upgrading their site access to perform further functions.

Data Transmission Security
To maintain the privacy of both the credit union's business data and the member's private data, Ser Technology employs 128-bit SSL (Secure Sockets Layer) encryption for our online business services that require data transmission.
Reliable Connectivity
Since Ser has been providing web-based credit decisioning to credit unions since 1999, we understand the need to provide reliable, 24/7 web capability to our customers. Therefore, Ser's web services are routed through two independent Internet Service Providers (ISPs). Web traffic is load-balanced and has fail-over capability from one ISP to the other, providing a stable, highly reliable web service to our customers.

Computer Viruses and Malicious Software
We attempt to ensure that all files coming in to the Ser Technology network are scanned for viruses and other malicious software. It is our custom to deploy anti-virus software on our mail, web, and application servers as well as on all desktops. Our procedures call for regular updating of virus "signature" files. In addition, emergency procedures designed to contain virus outbreaks are in place.

Firewalls
Our network is also protected by a firewall which serves to filter and block suspicious traffic that is detected.

Data Backup and Recovery Procedures
Backups are performed on a regularly scheduled basis. The data backups are performed centrally by an automated process and are monitored for any error situations. Backups are stored offsite in a protected, climate-controlled environment. A recovery test is performed weekly to test the validity of the backups and the technology and communications platforms that recovery relies upon.

Employee Security
All Ser employees have undergone a criminal history and credit background check performed by Credit Union Employment Resources, a service of the Texas Credit Union League. Each employee is required to sign an agreement pledging to uphold the same standards of customer data protection that the company is pledged to uphold.

Office Site Security
The Ser Technology office site is secured by 24-hour onsite security officers, electronic door locks, and video surveillance.
The data center is monitored and is directly accessible only by the Network Administrator and the Chief Technologist. The media lab is secured by electronic door lock and is accessible only by the Network Administrator, the Chief Technologist, and the data encryption programmers.

Network Security
Ser Technology is certified by TruSecure (recently renamed Cybertrust as part of a merger), the leading provider of intelligent risk management services. TruSecure Certification requires a series of evaluations and recommendations on overall network architecture, connectivity, physical security, redundancy and disaster recovery capabilities, environmental controls, system configurations, and operational policy compliance. Once the site is officially certified, TruSecure Corporation security analysts work with us to regularly monitor adherence to TruSecure's practices standards. Ser maintains its TruSecure Certification by submitting to and passing an annual audit based on the same evaluation criteria described above. The certification and description of TruSecure's process is available by clicking the TruSecure logo on the Ser Technology home page, or by clicking here.
Copyright 2005-2008 © Ser Technology Corporation. All rights reserved.