Security of Fi360 Applications
Where applicable, Fi360 uses 256-bit encryption for access to its web-based applications. That ensures the highest level of encryption available in today’s banking market. The latest available virus scanning and malware protection technologies are also used at every layer within the application set. For a complete security portfolio of documents, including security policies and standards, please contact your sales representative or customer support.
Fi360 does not store sensitive personally identifiable information (PII) within any of its applications. Non-sensitive PII, such as client address and phone number, is stored in certain applications, where needed. Fi360 has adopted the NIST formal definition of PII, which is available upon request.
Backups & Disaster Recovery
All file systems and databases are backed up daily and can be restored within a four-hour window in the case of a disaster. Disaster recovery (DR) and computer security incident response plan (CSIRP) plans are reviewed annually. For copies of the (DR) or (CSIRP) plans, please contact your sales representative or customer support.
Data Center Security
Fi360’s applications are hosted at SSAE 16 certified locations. Copies of the reports are available upon request. No Fi360 client data is stored outside of the continental United States.
Patch Management (Hardware & Software)
Fi360’s hardware and software infrastructure is updated regularly with the latest vendor-provided security patches. Security reviews are also convened to review and implement patches as described by United States Computer Emergency Readiness Team (US-CERT).
Security Policy Training
Each employee of Fi360 is required to be trained annually on basic security policies using industry standard tools provided by cyber security insurance partner, AIG.
Mobile Security Policy
Fi360 does not allow employee mobile devices to connect to client networks without encryption present on the mobile device.